iOS 12 will make it much easier to keep your online accounts secure
Two-factor authentication is about to get a lot easier to manage in iOS 12. The upcoming software for iPhone and Android will be able to automatically enter the one time use code sent to you via text, bringing to an end the awkward juggle as you switch between different apps.
I’ve very quickly become a massive bore about online security, and two-factor authentication (2FA for short) is the thing I’m constantly pestering everyone to enable.
Read more: Amazon Prime Day
Enabling 2FA means you need to have access to you own phone in order to log into your account. Even if online criminals get your password, they’re not getting into your account without your phone.
But even a security bore like me can see that 2FA is a bit of a hassle. Enabling it is generally easy enough, but having to constantly jump into your text messaging app to find and remember a long code can be a hassle.
iOS 12 changes this (as reported by Phone Arena) by automatically reading the code as soon as it comes in as a text message. Yes, it’s a feature that’s been available in Android for a while now, but that doesn’t stop the fact that it turns 2FA from something you feel guilty about not doing, to something you can do without really having to think about it.
Stopping short of a perfect solution
Once again, I’m a security bore, and so I’m going to ruin everyone’s day by explaining why Apple still needs to go further. Sorry guys.
The problem with using text messages for 2FA is that they’re not encrypted, and so in theory a hacker could intercept your code and enter it themselves.
Related: Internet Security: A power user’s guide
That’s why most security experts will recommend that you use a code-generating app instead. Google Authenticator is pretty good, while Duo has a nice push notification feature that makes using it even easier for sites that support it.
These apps can also be used even if you don’t have an internet connection.
iOS 12 has taken a big step forward in making it easier for everyone to enable and use 2FA, now it just needs to take one more step to close the small remaining loophole.
What’s your online security like? Let us know @TrustedReviews.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
