Apple really wants you to use a physical security key for Apple ID

A white padlock on a dark digital background.
(Image credit:

Apple has announced new features aimed at improving the cybersecurity protections for its customers, both consumers and businesses, including Security Keys, an ability to use third-party physical keys to protect data sitting in the iCloud platform.

“For users who opt in, Security Keys strengthens Apple’s two-factor authentication by requiring a hardware security key as one of the two factors,” the company said in its announcement, noting Security Keys will be generally available in 2023.

“This takes our two-factor authentication even further, preventing even an advanced attacker from obtaining a user’s second factor in a phishing scam.”

Protecting public figures

While the feature can be used by anyone, it was designed with public figures in mind, Apple said. After all, it’s public figures, such as celebrities, journalists, or government employees, that often face “concerted threats to their online accounts”. 

Speaking to 9to5Mac, Apple said the system integrates with its device-to-device transfer process, meaning once a user authenticates their iPhone, they won’t need to do it again, even when getting a new device (as long as they use the device-to-device setup transfer process, it said). 

Furthermore, trusted devices that are already signed into Apple ID won’t be signed out when the user tries to authenticate with the Security Key. 

Don’t expect to be buying new gadgets from Apple any time soon, though, as Apple confirmed no intention of building these hardware keys. Instead, it wants to onboard third-party partners.

There is a pressing need for stronger security, Apple said, citing a new research report titled “The rising threat to consumer data in the cloud”. Written by Dr. Stuart Madnick, professor emeritus at MIT Sloan School of Management, the report states the total number of data breaches more than tripled in less than a decade (2013 - 2021), with more than a billion personal records exposed to the public in 2021, alone. 

Via: 9to5Mac

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.