Apple is bringing an added layer of security to users’ messages and video calls, so they don’t get hijacked even if someone’s password falls into the wrong hands.
People who have signed up for Apple’s two-step authentication who sign out of iMessage or FaceTime and then try to sign back in will be required to generate an application-specific password from their Apple ID security page. That may not seem like a lot, but it’s enough to keep an attacker with just a user’s password out of their messages.
In order to get an application-specific password, people who use two-step authentication need to log in here with their Apple ID, password and a code that they get sent to an authorized device. (That’s what makes it two-step: users need both their password and a code sent to their iPhone, iPad or iPod Touch.) It’s a bit of extra work, but will give people an extra layer of security at a time when people are increasingly worried about how secure their digital communications are.
It’s another security feature for iMessage and FaceTime, which an EFF survey rated as some of the most secure messaging options last year. Communications are sent in an encrypted manner that Apple can’t read, and with this change, it’s even harder for someone to get inside and read messages they’re not supposed to see.
For information about how to set up Apple’s two-step authentication, check out this tutorial.
