With iOS 16.3, Apple brought support to physical Security Keys for Apple ID. They provide extra protection for your credentials against phishing attacks. This feature was announced last year alongside other measures to make iPhone users feel more protected, especially those who might be attacked by governments or hackers.
According to Apple, Security Keys for Apple ID is an optional advanced security feature designed for people who want extra protection from targeted attacks, such as phishing or social engineering scams.
With two-factor authentication, you must provide two pieces of information to sign in with your Apple ID to a new device or on the web.
- The first piece of information is your Apple ID password.
- A security key can act as the second piece of information instead of the six-digit verification code that is normally used.
With a physical Security Key, users can strengthen the two-factor authentication process and help prevent the second authentication factor from being intercepted or requested by an attacker.
Apple requires these items for physical Security Keys for Apple ID:
- At least two FIDO Certified security keys work with the Apple devices you use regularly.
- iOS 16.3, iPadOS 16.3, or macOS Ventura 13.2, or later on, all the devices you’re signed in with your Apple ID.
- Two-factor authentication is set up for your Apple ID.
- A modern web browser.
Although users can choose their own physical Security Keys, Apple recommends these three – as they are FIDO Certified and have a connector that works with Apple devices.
- YubiKey 5C NFC (works with most Mac and iPhone models)
- YubiKey 5Ci (works with most Mac and iPhone models)
- FEITAN ePass K9 NFC USB-A (works with older Mac models and most iPhone models)
You can learn more about them here.