Chat with Softimpact

SoftImpact

The new iOS login technology makes it extremely difficult to hack your iCloud account

The new iOS login technology makes it extremely difficult to hack your iCloud account

January 31, 2023

Apple now allows you to protect your Apple ID and iCloud account with hardware security keys, a physical login technology that provides maximum protection from hackers, snoopers, and identity thieves.

Hardware security keys are small physical devices when you sign in to a device or account via USB ports, Lightning ports, or NFC wireless data connections. You must have keys to use them, so they are useful in preventing hackers trying to access your account remotely. Since it does not work on fake login websites, you can prevent phishing attacks that try to trick you into typing your password into a fake website.

Support for keys arrived with iOS 16.3 and macOS 13.2 on Monday and Tuesday. Apple has released details on how to use Security Keys with iPhones, iPads, and Macs. The company requires you to set at least two keys.

The move follows major support for hardware security from other tech giants such as Google, Microsoft, Twitter and Facebook parent Meta. According to the US Cybersecurity and Infrastructure Security Agency, or CISA, security keys are the "gold standard" for multifactor authentication.

Apple, which has been plagued by iPhone breaches, has been tightening security in recent months with Pegasus Spyware from NSO Group. Apple's Advanced Data Protection option when it arrives in December offers a strong encryption option for data stored and synced with iCloud. And in September, Apple added an iPhone lock mode that includes new security rules for how your phone works to thwart outside attacks.

However, there is one big caveat: Although hardware security keys and advanced data protection software better lock down your account, they also mean that Apple can't help you regain access.

READ Microsoft Force acknowledges Horizon 4 bugs and releases the package
“This feature is designed for users who face integrated threats to their online accounts, often because of their public profile, such as celebrities, journalists and members of the government.” Apple said the current situation. "This takes our two-factor authentication even further, preventing even an advanced attacker from getting the user's second factor in a phishing scam."

The industry is tightening login security
The technology is part of a tightening of authentication measures across the industry. Thousands of data breaches have exposed the vulnerabilities of traditional passwords Hackers can now bypass common two-factor authentication techniques such as security codes sent via text message. Another method called Hardware Security Keys and Passwords provides peace of mind even in the face of severe attacks such as those received by hackers accessing LastPass clients' password manager files.

Hardware security keys have been around for years, but the Rapid Identification on the Internet (FIDO) Alliance has helped standardize the technology and integrate its use with websites and apps. A big advantage on the Internet is that it is linked to certain websites, for example, Facebook or Twitter, so it prevents phishing attacks that make you log into fake websites. They're the foundation for Google's Advanced Security program, too, for those who want maximum protection.
 
 
MacOS and iOS allow you to protect your iCloud account and Apple ID with hardware security keys.

Screenshot by Stephen Shankland/CNET
You must select the correct hardware security keys for your devices. The USB-C and NFC-enabled Switch is a good way to communicate with relatively new models of both Macs and iPhones. Apple requires that you have two keys, but it's not a good idea to have more in case you lose them. You can use a single key to authenticate different devices and services, such as Apple, Google, and Microsoft accounts.

Yubico, a leading producer of hardware security keys, announced on Tuesday two new YubiKey models that are FIDO-certified for its consumer-grade security key series. Both support NFC, but the $29 model has a USB-C connector and the $25 model has an older-style USB-A connector.

The number of Americans affected by data breaches will rise 42% in 2022 compared to 2021, the Identity Theft Resource Center said in January. For some tips on online safety, check out my colleague Bree Fowler's Tips for Improving Your Privacy Online.

Passcodes and security keys are better than passwords
Google, Microsoft, Apple, and other partners are also working to support a different FIDO authentication technology called passkeys. Passkeys are designed to replace passwords in general, hardware security keys are not required.

Passwords and security keys are complementary, FIDO Alliance Executive Director Andrew Chekyar said in a speech Wednesday at a conference on issues of online identity. He said there's a huge improvement over passwords, or passwords combined with login codes sent via text or obtained from an authenticator app.

“We need to fundamentally change how people authenticate from something that you know, that's on a server, that's in your head, that you log into the network and send — something that's inherently knowledge-based. Possession-based Shekyar said of the coalition's effort to move away from passwords and access tokens.

With FIDO technology like passkeys or security keys, the authentication process takes place wherever you have, for example, a biometric passkey or a hardware security key, which makes it very difficult for a remote attacker to hack.


LET’S START A NEW PROJECT TOGETHER!



September 11, 2023

Becoming a junior developer is a promising career choice. Junior developers play a crucial role in the software development process, working alongside experienced developers to create and maintain software applications. If you're passionate...

September 01, 2023

If you're a programmer, you might find yourself pondering why you're still single despite your intelligence, ambition, and computer prowess. There are several factors that contribute to why many programmers remain unattached in the dating...

July 31, 2023

Having a mobile app for your small business is no longer just a luxury reserved for big corporations. With the widespread use of smartphones and mobile devices, businesses of all sizes can benefit greatly from having a mobile app. Here are five...

July 25, 2023

Linda Yaccarino, the CEO of the company, tweeted about the rarity of second chances, either in life or business, to create a lasting impact. Little did Twitter's followers know that this sentiment would soon manifest in a major rebranding...

July 21, 2023

Windows takes a significant leap forward as the ultimate platform for developers to create tailored AI experiences for their customers with the inclusion of Llama 2 models. This development further solidifies Windows' position by providing...

Load More Load More
Softimpact. All Rights Reserved © 2023 | Privacy Policy

GET IN TOUCH

SITEMAP

© 2023, Softimpact. All Rights Reserved | Privacy Policy

COME FOR A CHAT
COFFEE ON US...

Aamal Center, 6th floor,
Barbar Abou Jaoude Street
Jdeideh Highway - Lebanon
Contact Phone Tel: +961 1 890 888
Fax: +961 1 890 999
2, Genevis Street,
GENEVA COURT, Flat 301
3116 Limassol - Cyprus
Contact Phone Tel: +357 25 338 379
Fax: +357 25 338 379

FOLLOW US ON