Even if your password is impossible to guess, if it does fall into the wrong hands, your account could be vulnerable. For that reason it is a good idea to set up two-factor authentication. Once you have this system in place a hacker would need more than your username and password to access your account, they would also need to have access to your iPhone to access a security code.
What does two-factor authentication do?
Two-Factor Authentication adds an extra level of security - in addition to using your password Apple will send you by text message, or via an alert on you Mac screen, a numerical code that you will be required to use.
This is different to two-step verification which Apple added after celebrities started getting their iCloud accounts hacked. You might have set it up if you were perticularly concerned about your security. Here we have a comparison between two-step and two-factor verification here. Apple introduced two-step verification in a bit of a hurry and the new two-factor method is a little more baked into the OS and a little easier to set up than that was.
To set up Two-Factor Authentication on your Mac, go to System Preferences > iCloud > Account Details. Log in using your Apple ID. Then select Security and Turn On Two-Factor Authentication.
Next you will be asked for a phone number that Apple can text a number too. Once you receive that number you need to add that number to the verification screen on your Mac.
You don’t have to set up two-factor authentication on your Mac, you can also do so on your iPad or iPhone. To set up Two-Factor Authentication on your iPad or iPhone, go to Settings > iCloud and tap your Apple ID. Then choose Password & Security > Turn on Two-Factor Authentication.
What happens once I have two-factor authentication set up?
Once you have set up two-factor authentication you’ll get a notification on your trusted devices every time you sign in on a new device. The alert includes a map which shows an approximate location based on the IP address the device is currently using, don’t get too paranoid about this. When we sign on in Suffolk we get an alert indicating that the device is near London. The first time this happened we did panic a bit…
You will also be sent a six digit code which you will need to enter.
Problems with two-factor authentication
Beware that once you have set up two-factor authentication it suddenly becomes a bit more difficult to sign into Apple devices running older versions of OS X or iOS. For example, we managed to lock ourselves out of our Apple TV (3rd generation) because when it asked for our Apple password we entered our password three times and never added the code which unbeknown to us had magically been sent to our phone…
Once you have turned on two-factor authentication you will need to add a six-digit verification code at end of your password when signing in on your older devices. This code will be sent to a ‘trusted device’ running iOS 9 and later or OS X El Capitan and later, or it will be sent to your phone number.
You should make sure that if your mobile number changes you change it on your Apple ID account page online here.
Benefits of two-factor authentication
The good news is that you don't need to choose or remember any security questions once you have set up two-factor authentication.
And your Apple ID account will be protected.
How secure is iOS, iPad and iPhone