Rui CarmoIt’s half-baked.
I am clearly in the minority that thinks of two-factor authentication in and by itself as security voodoo to appease the unwashed masses – especially if you don’t follow it up with privilege separation – and I’m going to stick to my guns on this one.
This is because from what I’m reading, it only applies to purchasing content and managing your Apple ID, and therefore makes it half a solution for those of us who find it incredibly backwards that there is no separation whatsoever between iCloud service access (mail, calendaring, storage) and billing info.
The way things stand right now (and even after two-factor authentication, such as described above, is active), once your account is compromised via a bug in one of those services or malfeasance and your password is exposed, it’s completely compromised.
Yes, that’s right. Sure, with two-factor authentication you’d be able to regain control of your account, but nightmare wipeout scenarios like Matt Honan’s are still possible, since with your password a hacker can delete your mail account, calendars, contacts, and whatnot – and, horrifically, it looks like remote wipe of Macs and iOS devices isn’t protected by two-factor authentication (but at this stage there is still little info, and I might well be wrong).
Like I wrote a while back, it is positively idiotic that the very same Apple ID and password I use for the App Store or to manage my iCloud account is also used to access my e-mail and Messages. Google (for all their whimsy regarding service life cycles) does this right by allowing me to manage service passwords.
Also of note is the utter lack of grouping for Apple IDs, or being able to set up family accounts in iCloud.
My ideal scenario would be to have a single username and password for purchasing apps and content – which would indeed have two-factor authentication – and completely separate user/service accounts for iCloud (which might or might not). That way I could segregate apps, data, and services to minimize risk and manage my family’s stuff.
Again, Google does this right – in Apps for Domains, where a master account can manage a set of services for accounts under the same domain, and where you can set up two-factor authentication for any account1.
But one requirement for this that I don’t see Apple doing anytime soon is being able to migrate all my purchases (and my wife’s) to another Apple ID. I’d actually pay to be able to maintain my current Apple ID for mail, Messages, and iCloud and transfer all my purchases to a family account ID that held no services whatsoever.
But I digress.
The way I see it, Apple’s two-factor authentication will be a dud not because it prevents people who know your password from buying apps and content on other devices without your consent, but because besides making it harder to perform legitimate purchases2, it won’t improve the security of your mail or your iCloud data3 one whit – your contacts, calendars, documents, and whatnot are still out on a limb.
Remember that once you start fiddling with Find My iPhone to get a verification code for purchasing the next Angry Birds.
And back up often, just in case.
-
My e-mail for this domain (and a few other things) are hosted in Google Apps for Domains, and I use two-factor authentication and separate IMAP passwords because the whole thing is well thought out and well implemented. ↩︎
-
Ironically, I can see most people I know (even security-conscious folk) switching it off after they find it inconvenient to jump through hoops to grab the latest trendy €1.99 game. ↩︎
-
And between someone downloading a €1.99 game with your account or having access to those documents your bank/broker/bookie/whatever e-mailed you, which would you pick? ↩︎