How To Protect Your Accounts With iPhone's Two-Factor Authentication

These days, two-factor authentication (2FA) isn't a nice-to-have feature, it's a must-have. Hacks and data leaks are common, and if you take security seriously, you should always enable 2FA on all your online accounts. This feature amps up your account security by requiring you to supply an extra login credential beyond just a password. This second factor could be a biometric ID or a verification code on your smartphone.

Text messages and emails are the most common type of 2FA, but they aren't the most secure either since they can both be easily spoofed. To be extra safe, most people use an authenticator app to generate time-sensitive, one-time passwords. In iOS 15, Apple stayed true to its privacy-focused reputation by adding a baked-in 2FA feature. That means you won't need to download any third-party 2FA apps to protect your accounts online, assuming you use an iPhone. Let's look at how to set up and use the feature.

How to set up two-factor authentication in iOS 15

Before we begin, a quick note: the 2FA feature will only work for websites or apps that support the feature. Some apps don't require (or support) 2FA, so keep in mind that this security measure may not apply to all of your accounts. With that said, here's what you need to do to get started:

  1. Open Settings, scroll down, and tap Passwords. 

  2. Choose a website or app for which you'd like to use 2FA. If the website you're securing isn't listed, tap + and then enter the website and login details.

  3. Next, tap Set Up Verification Code.

  4. Head out of the Settings app and go to the website or app you want to set up with the authenticator.

  5. Find the 2FA setup settings in the account you want to protect. This will vary depending on the website, but generally, you should find it under Settings > Security or the section where you change your password.

  6. If you see a setup key, simply copy it to your clipboard, and then go back to your Settings app. Select the Enter Setup Key option, paste in the setup key, and then tap OK. If you get a QR code, tap the Scan QR code option and use your camera to scan it. Of course, this would only work if you're checking the website on a device other than your iPhone.

  7. Once you've entered the setup key or scanned the QR code, a code should appear in the Verification Code field. Enter the code in the website you're setting up with 2FA. Make sure to be snappy with it, though, because the code will change every 30 seconds.

Extra security

Once that's done, two-factor authentication should be enabled for that website. Any time you log in to that website in the future, you'll be asked to enter a verification code, which will be generated by the built-in feature and auto-filled by your iPhone. If at some point your iPhone does not autofill the verification code when you need it, you can view the regenerating 6-digit codes in Settings > Passwords under the account you're trying to access.

2FA is a necessity for maintaining your security online, and now that Apple offers it as a convenient built-in feature, you should consider taking advantage of it. In more exciting news, a passwordless future is very near. Microsoft, Apple, and Google have recently agreed to allow support for the FIDO Alliance's passwordless standard. Instead of storing and managing complex passwords, you'll only need a single passkey to log in to all your accounts on all your devices. The new standard will be available sometime in 2023, but until then, 2FA will have to do.