iOS 16.3 now supports hardware security keys — what you need to know
Securing your Apple ID just got a little bit easier
If you want to keep your data safe, a password only goes so far — even if you have two-factor authentication enabled. Using a physical security key can lock your account down even further, and Apple has just launched security key support for Apple ID and iCloud accounts in iOS 16.3.
As long as you don’t use Windows, that is.
Security keys are essentially an alternative to the usual six-digit two-factor authentication codes — which Apple typically provides by SMS or as a prompt on an approved device. The benefit to account security is that you need to physically have the key before you can log in. That protects from hacking attempts, or losing your account to phishing and social engineering scams.
Of course, losing the key means you could get permanently locked out of your account. That’s presumably why Apple requires you to set up at least two security keys, in case one of them gets lost or stolen. So you better keep your spare somewhere safe and memorable. Apple lets you add up to six keys to a single account.
Support for security keys is coming as part of iOS 16.3. iPadOS 16.3 and MacOS 13.2, with support for iPhone, iPads and Macs. You’ll need to have two-factor authentication already set up to get going, as well as two FIDO certified security keys that actually work with Apple devices.
There are some caveats you should be aware of, though. The main one is that Apple doesn't support security keys on Windows, so setting one up would lock you out of your iCloud account on a Windows machine. Child accounts and Managed Apple IDs don’t support security keys either.
Finally, logging into an Apple TV, Apple Watch or Homepod after setup requires you to have an iPhone or iPad that’s been updated to iOS or iPad OS 16.3 or higher.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
You’ll also need physical access to your security key when you’re logging into your Apple account from a new device or browser, when you reset your Apple password, when you unlock your Apple ID, or should you need to add and remove security keys from your account.
How to add security keys to your Apple account on iPhone or iPad
- Go to the Settings app
- Tap your Name followed by Password & Security
- Press Add Security Keys
- Follow the on-screen instructions
Apple then recommends reviewing devices logged into your Apple ID, and sign out of any unfamiliar ones. If you want to remove your security keys you follow the same process but tap Remove All Security Keys. This will revert your account back to the traditional six-digit two-factor authentication.
How to add security keys to your Apple account on a Mac
- Open the Apple menu followed by System Settings and Your name
- Click Password & Security
- Find the Security Keys option and click Add
- Follow the on-screen instructions
Again, Apple asks that you review which devices are tied to your Apple ID, and log out of the ones you don’t want to have access to your account. Likewise, going back and clicking the Remove All Security Keys will remove the security keys from your account, and revert back to the six-digit two-factor authentication.
Tom is the Tom's Guide's UK Phones Editor, tackling the latest smartphone news and vocally expressing his opinions about upcoming features or changes. It's long way from his days as editor of Gizmodo UK, when pretty much everything was on the table. He’s usually found trying to squeeze another giant Lego set onto the shelf, draining very large cups of coffee, or complaining about how terrible his Smart TV is.
-
captainslim You’ll also need physical access to your security key when you’re logging into your Apple account from a new device or browser, when you reset your Apple password, when you unlock your Apple ID, or should you need to add and remove security keys from your account.
It’s not the case that you need a security key to add or remove security keys. You just need access to and the ability to unlock a trusted device.