Apple this week released iOS 16.3 and macOS Ventura 13.2, bringing an overdue feature to our Apple devices: security key support for Apple IDs. That means you can use a USB-C, Lightning, or NFC dongle as a second factor of authentication instead of the six-digit verification code Apple typically sends to another device.
As Apple explains, a physical key strengthens the two-factor authentication process and helps prevent an attacker from intercepting or requesting codes. With a security key, your account authentication is literally in your hands and no one else has access to it. However, if you lose your trusted security keys, you may be permanently locked out of your account.
To prevent that from happening, Apple requires two FIDO-certified security keys to use the new feature so you have a backup. Recommended keys include YubiKey’s NFC, USB-C, and Lightning keys, as well as the Feitan ePass K9 key, although any FIDO-certified key with the proper connector should work. Apple notes that NFC keys only works on iPhone and USB-C dongles should work with an iPhone using a USB-C-Lightning adapter.
There are also some Apple ID sign-in features that won’t work with security keys:
- You can’t sign in to iCloud for Windows.
- You can’t sign in to older devices that can’t be updated to iOS 16.3, iPadOS 16.3, or macOS 13.2.
- Child accounts and Managed Apple IDs aren’t supported.
Additionally, an Apple Watch paired with a family member’s iPhone will not be supported. Apple says you’ll need to set up your watch with your own iPhone to use a security key.
If you can get past all of that, the process is simple. Go to the Settings app (System Settings on Mac), tap the name of your Apple ID, then tap password and security Y Add security keysand follow the prompts to register your key. You will need to remain connected to all active devices to continue using a security key. To finish the process, all devices that haven’t been updated to iOS 16.3, iPadOS 16.3, or macOS 13.2 will be signed out.
