Apple this week released iOS 16.3 and macOS Ventura 13.2, bringing an overdue feature to our Apple devices: Security Key Support for Apple IDs. This means you can use a USB-C, Lightning, or NFC dongle as a second factor of authentication instead of the six-digit verification code that Apple typically sends to another device.
As Apple explains, a physical key strengthens the two-factor authentication process and helps prevent codes from being intercepted or requested by an attacker. With a security key, your account authentication is literally in your hands and no one else has access to it. However, if you lose your trusted security keys, you could be permanently locked out of your account.
To prevent this from happening, Apple needs two FIDO-certified security keys to use the new feature so you have a backup. Among the recommended keys are YubiKey’s NFC, USB-C, and Lightning keys as well as the Feitan ePass K9 key, though any FIDO-certified key with the appropriate connector should work. Apple notes that NFC keys will be alone works on iPhone and USB-C drives should work with an iPhone using a USB-C to Lightning adapter.
Some Apple ID sign-in features don’t work with security keys:
- You can’t sign in to iCloud for Windows.
- You can’t connect to older devices that can’t be updated to iOS 16.3, iPadOS 16.3, or macOS 13.2.
- Child accounts and Managed Apple IDs are not supported.
Also, an Apple Watch paired with a family member’s iPhone will not be supported. Apple says you’ll need to set up your watch with your own iPhone to use a passkey.
If you can get past all that, the process is simple. Head to the Settings app (System Settings on Mac), tap your Apple ID name, then Password and Security and Add security keys, and follow the prompts to save your key. You will need to stay signed in to all active devices to continue using a passkey. To complete the process, you will be signed out of all devices that have not been updated to iOS 16.3, iPadOS 16.3, or macOS 13.2.