Apple now lets you protect your Apple ID and iCloud account with hardware security keys, an important upgrade for those who want maximum protection from hackers, identity thieves, or snoopers.
Hardware security keys are small physical devices that connect to USB, Lightning, or NFC wireless data connections when you sign in to a device or account. Since you must have the keys in your possession to use them, they are effective in thwarting hackers trying to access your account remotely.
Keys support arrived Monday with iOS 16.3 and macOS 13.2, and on Tuesday, Apple has published details on how to use security keys With iPhones, iPads and Macs. The company requires you to set up at least two keys.
Apple has been tightening security in recent months, affected by iPhone breaches involving it Pegasus spyware of the NSO Group. Apple’s Advanced Data Protection option It arrived in December, giving the option of stronger encryption of stored data and syncing with iCloud. And in September, Apple added the iPhone lock mode It includes new protections around how your phone works to thwart external attacks.
However, there’s a big caveat: Although hardware security keys and the Advanced Data Protection program better lock your account, they also mean that Apple can’t help you regain access.
This feature is designed for users who, due to their public profile, often face concerted threats to their online accounts, such as celebrities, journalists, and members of the government. Apple said in the current situation. “This takes our two-factor authentication even further, preventing even an advanced attacker from getting the user’s second factor in a phishing scam.”
Hardware security keys have been around for years, but the Fast Identity Online suite, or FIDO, has helped standardize the technology and integrate its use with websites and apps. One big advantage on the web is that it links to specific websites, for example Facebook or Twitter, so it thwarts phishing attacks that try to get you to log into fake websites. They are the basis for Google Advanced Protection ProgramAlso, for those who want the ultimate in security.
Apple added hardware security key support to iOS 16.2 and macOS 13.2.
Screenshot by Stephen Shankland/CNET
You need to choose the right hardware security keys for your devices. For communication with relatively new models of both Macs and iPhones, a switch that supports USB-C and NFC is a good option. Apple requires that you have two keys, but it’s not a good idea to have more in case you lose them. A single key can be used to authenticate many different devices and services, such as Apple, Google, and Microsoft accounts.
Apple did not immediately respond to a request for comment.
Yubico, the largest maker of hardware security keysannounced on Tuesday Two new FIDO approved YubiKey models In a consumer-friendly security keychain. Both support NFC, but the $29 model has a USB-C connector and the $25 model has an older style USB-A connector.
Google, Microsoft, Apple, and other allies are also working on support for a different FIDO authentication technology called passkeys. Passkeys are designed to replace passwords Just like that, and don’t require hardware security keys.