Apple should follow Google’s lead and force 2-factor authentication for all accounts – Macworld

In honor of World Password Day, Google will automatically enable two-factor authentication for all Google account holders who have proper recovery information on their accounts (email or phone). Thats fantastic news and a bold step for Google, and I hope Apple follows suit.

In May 2019, Google announced that there are some 1.5 billion users around the world, so this is no small feat. Its not known how many of them havent turned on 2FA, but my guess is a lot, so this change will likely affect hundreds of millions of users. Thus, Google is letting users opt-out if they dont want 2FA, which some will surely do. But many more will keep it on and gain an instant layer of protection for their personal info that they might not have added otherwise.

Google spelled out the benefits of its new 2FA policy in a statement to PCWorld:

The reality is passwords are no longer a sufficient form of authentication they are painful for people and easy for hackers to access. It used to be that multifactor authentication was considered tedious and challenging to set upthat is no longer the case. Many users are already positioned to use a second step of verification across their accounts this auto-enrollment process is a way for us to help get them there. Users can opt-out of this change and keep their account security settings the same.

Apple was one of the first companies to offer two-step and then two-factor authentication to secure their Apple ID accounts, which is your key to the Apple ecosystem. Its been a strong proponent of the protection layer, requiring it for several services, including the new AirTag tracker, and has mandated it for all accounts created since iOS13.4, iPadOS13.4, and macOS10.15.4. However, there are hundreds of millions of accounts created before March 2020 that arent protected by 2FA, and Apple should turn those on too.

Celebrate World Password Day by locking down your Apple device

Everything you need to know about 2FA

How to master iCloud Keychain on your Apple devices

Of course, there will be pushback, but once the din dies down, users would be better for it. The resistance to 2FAnamely the fear that youll be locked out of your accountwould be outweighed by the extra security people get. The bottom line is youre no more likely to get locked out of your account with 2FA on than without it, especially with Apples system, which uses trusted Apple devices first, and less-secure SMS only as a backup.

And while were at it, Apple should also offer an app similar to Google Authenticator that provides standards-based one-time-use codes for third-party services without needing to send text messages. This app could offer password management of your iCloud Keychain too, instead of making you dive into Settings to do so. An Apple Authenticator app would help make one-time-password use more common instead of the less secure SMS-based codes, and ensure there are as few holes as possible in your iPhones security.

But for now, Ill be happy with just turning on 2FA for the millions of users who havent yet turned it on. If Google can do it, Apple can too.

Michael Simon has been covering Apple since the iPod was the iWalk. His obsession with technology goes back to his first PCthe IBM Thinkpad with the lift-up keyboard for swapping out the drive. He's still waiting for that to come back in style tbh.

See original here:

Apple should follow Google's lead and force 2-factor authentication for all accounts - Macworld