The new iOS sign-in technology makes it very difficult to hack your iCloud account

Apple now lets you protect your Apple ID and iCloud account with hardware security keys, an important upgrade for those who want maximum protection from hackers, identity thieves, or snoopers.

Hardware security keys are small physical devices that connect to USB, Lightning, or NFC wireless data connections when you sign in to a device or account. Since you must have the keys in your possession to use them, they are effective in thwarting hackers trying to access your account remotely. And they won’t work on fake login sites, so they can thwart phishing attacks that try to trick you into typing your password on fake websites.

Keys support arrived Monday with iOS 16.3 and macOS 13.2, and on Tuesday, Apple has published details on how to use security keys With iPhones, iPads and Macs. The company requires you to set up at least two keys.

Apple has been tightening security in recent months, affected by iPhone breaches involving it Pegasus spyware of the NSO Group. Apple’s Advanced Data Protection option It arrived in December, giving the option of stronger encryption of stored data and syncing with iCloud. And in September, Apple added the iPhone lock mode It includes new protections around how your phone works to thwart external attacks.

However, there’s a big caveat: Although hardware security keys and the Advanced Data Protection program better lock your account, they also mean that Apple can’t help you regain access.

This feature is designed for users who, due to their public profile, often face concerted threats to their online accounts, such as celebrities, journalists, and members of the government. Apple said in the current situation. “This takes our two-factor authentication even further, preventing even an advanced attacker from getting the user’s second factor in a phishing scam.”

The industry is tightening login security

This technology is part of an industry-wide tightening of authentication procedures. Thousands of data breaches have exposed the vulnerabilities of traditional passwords, and Hackers can now thwart popular two-factor authentication techniques Like security codes sent via text message. Hardware security keys and another way called passkeys Provides peace of mind even in the event of serious attacks such as hacker acquisition Access LastPass clients’ password manager files.

Hardware security keys have been around for years, however Rapid Identity Online, or FIDOThe group helped standardize the technology and integrate its use with websites and applications. One of the big advantages on the web is that it links to certain websites, for example Facebook or Twitter, so it thwarts phishing attacks that try to get you to log into fake websites. They are the basis for Google Advanced Protection ProgramAlso, for those who want the ultimate in security.

You need to choose the right hardware security keys for your devices. For communication with relatively new models of both Macs and iPhones, a switch that supports USB-C and NFC is a good option. Apple requires that you have two keys, but it’s not a bad idea to have more in case you lose them. A single key can be used to authenticate many different devices and services, such as Apple, Google, and Microsoft accounts.

Yubico, the largest maker of hardware security keysannounced on Tuesday Two new FIDO approved YubiKey models In a consumer-friendly security keychain. Both support NFC, but the $29 model has a USB-C connector and the $25 model has an older style USB-A connector.

Google, Microsoft, Apple, and other allies are also working on support for a different FIDO authentication technology called passkeys. Passkeys are designed to replace passwords Completely, and does not require hardware security keys.