Apple this week released iOS 16.3 and macOS Ventura 13.2, bringing an overdue feature to our Apple devices: Security key support for Apple IDs. That means you can use a USB-C, Lightning, or NFC dongle as the second factor of authentication instead of the six-digit verification code Apple usually sends to another device.
As Apple explains, a physical key strengthens the two-factor authentication process and helps prevent codes from being intercepted or requested by an attacker. With a security key, your account authentication is literally in your hands and no one else has access to it. However, if you lose your trusted security keys, you could be locked out of your account permanently.
To prevent that from happening, Apple requires two FIDO Certified security keys to use the new feature so you’ll have a backup. Among the recommended keys are NFC, USB-C, and Lightning keys from YubiKey as well as the Feitan ePass K9 key, though any FIDO Certified key with the proper connector should work. Apple notes that NFC keys will only work on the iPhone and USB-C keys should work with an iPhone using a USB-C-to-Lightning adapter.
There are also some Apple ID login features that won’t work with security keys:
- You can’t sign into iCloud for Windows.
- You can’t sign into older devices that can’t be updated to iOS 16.3, iPadOS 16.3, or macOS 13.2.
- Child accounts and Managed Apple IDs aren’t supported.
Additionally, an Apple Watch paired with a family member’s iPhone won’t be supported. Apple says you’ll need to set up your watch with your own iPhone to use a security key.
If you can get past all that, the process is simple. Head over to the Settings app (System Settings on Macs), tap your Apple ID name, then Password & Security and Add Security Keys, and follow the prompts to register your key. You’ll need to stay signed into all active devices to continue using a security key. To finish the process, you’ll be signed out of any devices that haven’t been updated to iOS 16.3, iPadOS 16.3, or macOS 13.2.