Apple releases iOS 16.3 with support for hardware security keys
For the function to work, you need to have 2 keys and a little time to connect them.
On January 23, Apple released iOS 16.3 with support for hardware security keys to provide additional protection against phishing attacks and unauthorized access to the device.
To use a security key, Apple requires you to have two keys: carry one with you and keep the other at home or office as a spare in case you lose the first one. To set up security key authentication on iPhone, go to “Settings” >“Name iCloud» > Password & Security > Add Security Key.
After adding the security keys, every time you need to access your Apple ID (to install apps, make a purchase, or sign in to another device), you need to swipe the security key to the top of your phone to perform two-factor authentication (2FA). If you remove the security keys, you will automatically revert to a six-digit verification code for authentication.
The function supports keys:
- YubiKey 5 NFC;
- YubiKey 5C NFC;
- YubiKey 5Ci;
- FEITAN ePass K9 NFC;
- Google Titan.
The keys support the following connection types:
- NFC (only with iPhone);
- USB-C (with most Macs and iPhone via Lightning to USB-C adapter);
- Lightning (from iPhone);
- USB-A (with older Macs and newer ones via a USB-A to USB-C adapter).
Hardware security keys are small physical devices in the form of an NFC flash drive that you can connect to your Mac or iPhone. They are used as an additional two-factor authentication step for an Apple ID instead of the usual six-digit verification code. Even if a phishing attack can steal your credentials, an attacker will not be able to log in without having access to the hardware security key.