Last year, Apple took a big step forward when it expanded the scope of its two-factor authentication which makes it relatively hard to obtain someone else’s sensitive information.
A blog post by Dani Grant on Medium points out that Apple’s two-factor authentication doesn’t protect all of the company’s services. In order to get into services like FaceTime, iMessage, and iTunes you only need the email address associated with the user’s Apple ID and their password.
Apple is very clear in pointing out what services support two-factor authentication. It will take some time before the company can implement the security feature across all of its services, and users should not be worried if the service they use doesn’t support it.
In order for someone (malicious or not) to get into your Apple account they still need an email address and password. The chances of someone being able to break into your account can be significantly decreased by using a strong password.
Earlier this year after a leak of celebrity iCloud photos, Apple CEO Tim Cook promised that the company would enhance its two-factor authentication system. The company has not released any of these updates yet, however, Cook did not give any timeline as to when the enhanced security features would become available.
Apple’s two-factor authentication currently applies to a select group of services, including iCloud. The company has not issued any comments regarding the matter, however it will be interesting if Apple will make security a higher priority in 2015.