iOS 16.3, iPadOS 16.3 and macOS 13.2 bring major new features to support physical security keys for Apple ID accounts. Apple says the optional security feature is designed for individuals who want “additional protection against targeted attacks like phishing or social scams. When enabled, signing in to Apple ID requires entering the user’s account password and then using a FIDO-authenticated security key to complete two-factor authentication instead of a traditional six-digit authentication code from another Apple device.
Those who enable this feature must be very careful not to lose their security keys, as this could result in permanent loss of access to their Apple ID account. Therefore, users must set up at least two security keys, with a maximum of six supported in total. Apple recommends keeping security keys in multiple locations. For example, security keys can be tucked away somewhere in the home as a backup solution.
Recently Apple officially brought out recommended physical security keys for iPhone, iPad, and Mac that require at least two FIDO-certified security keys to be enabled on Apple devices.
Apple doesn’t introduce its own physical keys. Instead, it made iPhone, iPad, and Mac compatible with existing FIDO-certified security keys. Apple recommends three specific physical security keys, while also giving the green light to other keys that meet some guidelines.
Recommended physical security keys are as follows.
- YubiKey 5C NFC – $55 each (available for most iPhones and Macs via USB-C and NFC)
- YubiKey 5Ci – $75 each (for all iPhones and most Macs via Lightning and USB-C)
- FEITAN ePass K9 NFC USB-A – $25 each (via USB-A for older Macs, via NFC for most iPhones)
For other recommended security keys, Apple says to make sure they are FIDO certified and, of course, provide connectivity for Apple devices. For example, the following USB-C and NFC options.
GeoTrust Idem Key USB-C and NFC – $35 each (available for most iPhones and Macs)
- Apple notes that NFC for security keys is only available for iPhones (iPhone 6 and newer). USB-C is available for most Macs and the latest iPads, USB-A is available for older Macs (or iPhone/iPad with Lightning adapters), and Lightning is available for iPhones and supported iPads. iPad.
Note that security keys do not work in four situations.
- Unable to sign in to iCloud for Windows.
- On older devices that cannot be updated to a software version that supports security keys, you cannot sign in.
- Child accounts and managed Apple IDs are not supported.
- Apple Watch paired with a family member’s iPhone is not supported. to use a security key, set up your watch with your own iPhone.
Here’s everything you need to use your Apple ID security key.
- At least two FIDO-authenticated security keys to connect to Apple devices
- iOS 16.3, iPadOS 16.3, or macOS Ventura 13.2 or later on all devices signed in with an Apple ID
- Set up dual authentication for Apple IDs
- Modern web browsers — if you can’t sign in to the network with your security key, update your browser to the latest version or try using a different browser
- To sign in to Apple Watch, Apple TV, or HomePod after setting up a security key, you need an iPhone or iPad with a software version that supports security keys