Catalin Nichita
Gepostet von Catalin Nichita,

What is two-factor authentication (2FA)?

Two-factor authentication (2FA) is a security feature that was introduced in iOS 9 / OSX El Capitan. This method is designed to prevent the access to an account, even if the password is known by others.

Two-factor authentication (2FA) allows access to iCloud accounts only for the devices you trust (a device you own and have access to). The password is useless if an attacker, for example, doesn’t have access to your trusted devices.

This security feature was implemented after another protection technology used by Apple and called two-step verification (2SV).

Two-factor authentication

Why are additional authentication steps necessary?

Is a password not enough to protect your sensible iCloud data? The answer is no.

Even if your password is long and complicated there is always a possibility to lose it or make it accessible to someone else. The servers where the encrypted passwords are stored can be hacked or your computer can be virused and compromised. In this situation, no one can be 100% sure that their account is not accessed by a third-party, without their knowledge.

There are three types of authentication factor:

  • based on something you know (a password, for example)
  • based on something you have (a device, in this case)
  • based on something you know and at the same time have

How does 2FA work?

The two-factor authentication (2FA) method works in this way:

  1. If the user wants to get into his account, he needs to enter his username and the pass in two separate fields
  2. If the credentials are correct, the user will receive a code on all his trusted devices, associated with that account. The difference is that this time the code is not sent to the device. Instead, a signal is sent to it and this unlocks a code on it, which is displayed on the screen.
  3. The code from the device should be inserted in the special field from iCloud. Once the second verification key is checked by server, you’ll have access to your iCloud account. If you confirm the message from the screen, the browser used for access and the device will become trusted and can be utilized without any two-factor authentication (2FA) verifications in the future.
    iCloud verification code

What's the difference between 2SV and 2FA?

The main differences between these verification methods are:

  • Two-step verification (2SV) requires choosing a particular trusted device to be challenged, and this will be the device that receives the code. The code will be four digits long
  • Two-factor authentication (2FA) challenges all trusted devices. When a trusted device is challenged with 2FA, it doesn't receive anything, it actually generates the code, which is six digits long

Two-step verification (2SV) is a little bit different compared with 2FA, and works in this way:

  1. When the user wants to access his account he should enter his username and the password
  2. The user receives a call or SMS with a password or code. The access code is sent to a previously confirmed device (usually registered when the account was made)
  3. The code should be introduced in a special field in a limited period. If the code expires because it was not inserted you’ll need a new code if you want to access your account

As you can see, two-factor authentication (2FA) differs from the two-step verification (2SV) mechanism used in previous IOS and OS X versions.

Why you should activate two-factor authentication (2FA)?

The security risks are increasing day by day. The attackers usually want to steal private data or different credentials (as credit cards data for example) in order to use them for various activities.

The iCloud leaks of celebrity photos have shown that the password-based authentication is not enough if you need to keep your data safe. As the FBI and Apple discovered, this security leak was possible after a few targeted attacks against the emails associated with the iCloud accounts of these celebrities.

After a few fake security alerts and emails received by these celebrities, a few of them used their credentials to make their iCloud accounts “safer”. At that moment the hackers gained access to their accounts and were able to download their private data, from the iCloud.

With two-step verification (2SV) or two-factor authentication (2FA) activated, access based on the password alone becomes impossible. That’s why we recommend you to enable one of these additional security shields. Notice that two-step verification cannot be activated as long as your Apple account has two-factor authentication available.

The two-factor authentication method is not available in all regions but it’s a matter of time for all the areas to be covered.

How to activate two-factor authentication (2FA)?

To activate two-factor (2FA) authentication on your devices you should follow the next steps, depending on your operating system or device:

For Mac (OS X El Capitan or later):

  1. Click on Apple menu, choose System Preferences, tap on iCloud and access Account Details
  2. Once here, select the Security option
  3. Go to Two-Factor Authentication and choose "Turn on"

For iPhone, iPad or iPod touch (iOS 9 or later):

  1. Click on Settings then choose iCloud and select your Apple ID
  2. Tap Password & Security
  3. Select Two-Factor Authentication then tap "Turn on"

How to get an Apple ID verification code on your devices?

Once you have 2FA authentication activated, you have three options in order to get an Apple ID verification code on your devices:

  1. Generate a code using one of your devices. The advantage of this method is that you don’t need to be online to get the code. Depending on your operating system or device you should follow the next steps.
    • For iOS 9 devices and above: Click on Settings and choose iCloud then select your Apple ID username. If the device is online, select "Password & Security" then "Get Verification Code". If the device is offline, click on "Get Verification Code" and the code will be generated.
      Get verification code iPhone
    • For Mac with OS X El Capitan: Go to Apple Menu, select System Preferences, choose the iCloud option then click on Account Details. If the device is offline, click on Get Verification Code, if is online tap Password & Security then Get Verification Code.
  2. Sign in with one of your confirmed devices or access the iCloud. You’ll receive a notification with the Apple ID verification code on your trusted devices (you should tap "Allow" to do this).
    Apple ID verification code
  3. Receive a call or SMS with the Apple ID verification code, even if you don’t have a trusted device with you. The code is sent to your trusted phone number, confirmed in advance. To do this click on Didn't get a verification code on your sign-in screen and choose to receive the code on your confirmed phone number. Then check your messages or respond to the phone call from Apple SMS Apple ID verification

Can I download data from the iCloud if 2FA authentication is activated?

If you have two-factor authentication option enabled on your iPhone and you want to download your iCloud data on a computer we have good news for you.

The iPhone Backup Extractor is able to access and download your iCloud data even if you have two-factor authentication activated, as long as you have the trusted device with you, or you can confirm the authentication code generated by your device.

How to add an iCloud account with 2FA activated in the iPhone Backup Extractor

If you want to extract data from your iCloud account and you have the two-factor authentication feature activated, you need to allow the iPhone Backup Extractor to download the data. To do this it is necessary to add your iCloud account into the iPhone Backup Extractor.

Follow the next steps:

  1. Download the iPhone Backup Extractor for Windows or Mac and install it on your computer. You need a subscription for the iCloud support.
  2. Open the application, click on "Add backups" then choose the "iCloud" tab. Select the OS installed on your device and click on "Add". Add iCloud backup
  3. Select "Challenge all your devices", click on the "Challenge" button then go to your device and click “Allow”.Challenge 2FA devices
  4. The Apple ID verification code will appear on your phone. Don’t click "OK" because the code will disappear.
  5. Take the code from your phone and enter it in the dedicated field from the iPhone Backup Extractor, as you can see in the image below then click on “Submit”. Then return to your phone and click "OK".Enter Apple ID code
  6. Go to the iPhone Backup Extractor and see what you’ve got!

That’s all! Now you can download and backup any iCloud data using the iPhone Backup Extractor. On our site, you’ll find a detailed guide about how to download and extract your data from an iCloud backup. Follow the instructions and you will be able to download and extract your messages, images, videos, apps data, so on...

If you’re interested in the extraction of your data from an iCloud account with two-factor authentication (2FA) activated, and you need additional info, our iOS experts support team can help you.

We've helped over 3,000,000
people recover their lost iPhone data.
Let us help you too.

v7.3.6.1410 - 26th Okt, 2016


v7.3.6.1410 - 26th Okt, 2016

Works with Windows and Mac