In the wake of the recent iCloud hack controversy, Apple has decided to beef up security with two-factor authentication for iCloud access.
Two-factor authentication is a security feature that requires users to verify their identity by entering a verification code in addition to the password to access accounts.
The two-factor authentication process requires iCloud users to enter an additional dynamically generated four-digit pass code, sent via a notification to user’s trusted device, on top of login and password details in order to access their accounts. The login attempt is followed by an email that provides an extra notification that iCloud has been accessed.
Once a user is confirmed, all iCloud assets are unlocked until the user logs out or closes the browser window.
However, Find My Phone service is the only exception to the new security feature. The service will not require the user’s ID to be verified and can be reached with only user’s Apple ID credentials. This is because in case a user’s phone is missing, he or she won’t be able to get the randomly generated login.
Cupertino has already begun sending out an email titled “Two-step verification now protects iCloud” to users announcing the new security feature.
The email also mentions that app-specific passwords will be necessary for third-party apps that don’t support two-factor to access iCloud beginning October 1.