Apple released iOS 16.3 and macOS Ventura 13.2 this week, bringing an overdue feature to our Apple devices: support for Apple ID security keys. This means you can use a USB-C, Lightning, or NFC key as a second factor of authentication instead of the six-digit verification code that Apple typically sends to another device.
As Apple explains, the physical key enhances the two-factor authentication process and helps prevent an attacker from intercepting or requesting codes. With a security key, your account authentication is literally in your hands and no one else has access to it. However, if you lose trusted security keys, your account may be permanently banned.
To prevent this from happening, Apple requires two FIDO-certified security keys to use the new feature, so you’ll have a backup. Recommended dongles include YubiKey’s NFC, USB-C, and Lightning dongles, as well as the Feitan ePass K9 dongle, though any FIDO-certified dongle with the proper connector should work. Apple notes that NFC keys will be Only work on iPhone, and USB-C dongles should work with iPhone when using a USB-C-to-Lightning adapter.
There are also some Apple ID sign-in features that won’t work with security keys:
- You can’t sign in to iCloud for Windows.
- You can’t sign in to older devices that can’t be updated to iOS 16.3, iPadOS 16.3, or macOS 13.2.
- Child accounts and managed Apple IDs are not supported.
Also, an Apple Watch paired with a family member’s iPhone will not be supported. Apple says you need to set up the watch with your own iPhone in order to use the security key.
If you can get through it all, the process is simple. Go to the Settings app (System Preferences on Mac), tap your Apple ID name, then password and safety and Add electronic keysand follow the instructions to register the key. To continue using the dongle, you need to stay logged in on all active devices. To complete the process, you’ll be signed out on all devices that haven’t been updated to iOS 16.3, iPadOS 16.3, or macOS 13.2.