Apple now protects FaceTime and iMessage with two-step verification

Apple’s two-step login security is now keeping hackers away from some of the company’s popular services — not just iCloud. iMessage and FaceTime both take advantage of the added verification measure, which requires users to enter a unique code in addition to the regular account password before they’re able to send messages or launch a video chat. The Guardian first reported Apple’s latest expansion of two-step verification.

If you’re already signed into FaceTime or iMessage on an iOS device, you won’t suddenly need to worry about authenticating your identity. But if you log out of either service and attempt to sign back in, that’ll trigger the two-step verification. In the case of FaceTime, Apple requires you to log into your account on the web and generate an app-specific password to regain access. That’s a bit different than signing into iCloud; in that scenario, Apple sends a four-digit code to the mobile phone number on file for your account.

Apple first switched on two-step verification in 2013 in hopes of foiling unauthorized changes to account details. It later brought the extra layer of security to iCloud after celebrities had their Apple accounts breached and nude photos were leaked onto the web last year. The company now immediately notifies users by email whenever their account logs into a new device or the iCloud website. But before today, Apple’s implementation of two-factor didn’t guard against unauthorized access to FaceTime and iMessage; an Apple ID email address and password were enough to get it. That’s changed now, though MacRumors notes that not all users are being prompted about the added security precaution. At least from our tests, the feature seems to be up and running.