Beginning with iOS 16.3, iPadOS 16.3, and macOS 13.2, Apple has introduced three advanced security features focused on protecting against threats to user data in the cloud, representing the next step in its ongoing effort to provide users with even stronger ways to protect their data.
Security Keys for Apple ID - users have the choice to require a physical security key to sign in to their Apple ID account instead of verification codes. (Note: This is not for unlocking devices each time, it is for when signing in with your Apple ID on the web or on a new device where you haven't signed in before).
Advanced Data Protection for iCloud - uses end-to-end encryption to provide Apple’s highest level of cloud data security, users have the choice to further protect important iCloud data, including iCloud Backup, Photos, Notes, and more.
iMessage Contact Key Verification - users can verify they are communicating only with whom they intend.
How do YubiKeys work with Apple ID accounts?
Since 2015, Apple has supported two factor authentication when logging into an Apple ID account. With the release of iOS 16.3, iPadOS 16.3 and macOS 13.2, users will have the option to use a YubiKey to login (via NFC or inserting the YubiKey).
For users who opt in, Security Keys strengthens Apple’s two-factor authentication by requiring a hardware security key as one of the two factors when signing into a new device. This takes two-factor authentication even further, preventing even an advanced attacker from obtaining a user’s second factor in a phishing scam.
You will need to run a specific version of Apple software to setup YubiKeys.
Which YubiKey do I need?
YubiKeys are available at Trust Panda (Official Yubico Gold Certified Ecommerce Partner) and are dispatched daily from our warehouse in Sydney, Australia.
Apple requires that you have two (2) physical YubiKeys - this ensures you can always sign in to your account, even if you lose one. You can add up to six (6) physical YubiKeys to your Apple ID.
Note: the YubiKey 5Ci does not have NFC and will require you to insert the key into your Apple devices.
Do I need a spare YubiKey?
Apple requires two (2) physical YubiKeys to enrol. You should store your YubiKeys separately and in a safe place. If you lose your YubiKey, Apple will not be able to help you access your account. There is no recovery method if you lose both of your YubiKeys.
If you're travelling, you might want to leave one of your YubiKeys at home.