The use of physical security keys as a two-step authentication method has finally made its way to the iPhone and other Apple devices. With updates released in the last week for iOS and macOS releasing the feature, the company also released three models of devices that it considers ideal for its users, with complete compatibility and robust protection protocols.
- How to turn your phone into a physical key for two-step authentication
- Google releases open source code to help security key makers
As a rule, any security key that complies with FIDO standards can be used on iPhone, iPad, Mac and other devices. The protocol, which stands for “Fast Online Identity”, brings together major technology companies around a universal format and technical requirements for the use of solutions of this type, as a way to more securely replace two-step authentication codes and other biometric elements.
Basically, the idea is that, when logging in to an account, either from Apple or from other companies that support the standard, it is also necessary to insert the security key into the USB port of the device or connect it via Bluetooth. In some cases, biometric authentication on the device itself is also required, in order to ensure that only the user has access to their own profile.
For use on macOS or iOS, Apple is recommending the adoption of the 5C NFC or 5Ci keys, from the manufacturer YubiKey, or the FEITAN ePass K9 NFC. The first has a USB-C connector, while the second also has the Lightning format; for older devices, the third is recommended, as it is connected to the computer via a USB-A connector.
However, the company also makes it clear that basically any security key that follows the FIDO standards and has Lightning and UCB-C connectors should work with the new operating system. The same also applies to those that communicate via NFC, compatible with the iPhone 6 onwards.
Along with the recommendation, Apple also brings some information about the use of keys, which cannot be used to access iCloud in Windows, for example. Additionally, devices cannot be linked to managed or child user AppleIDs linked to parental control systems.
The company also makes it clear that it does not back up access codes or key information, which means that, in the event of device loss, users may be left without access to their own accounts. The recommendation is to pay attention to the configuration and also to be careful when storing security phrases, which can be used as an alternative means of login.