How to Use Two Factor Authentication on iPhone

A single password isn't enough to secure your iOS device

Adding additional security to your accounts using the simple, powerful method of two-factor authentication (2FA) is a must for any iPhone user. It's easy to set up and use 2FA for your Apple ID, which then protects your Apple devices.

Two-factor authentication requires two pieces of information to get into an account. The first factor is almost always a username and password combination; the second factor is often a randomly generated PIN.

Apple's 2FA system works this way. It randomly creates a PIN when you request one. You use it and then the system discards the code. Because each PIN is used just once, it's tough to crack.

Instructions in this article apply to iPhones running iOS 10.3 or higher.

How to Set up Two-Factor Authentication on Your Apple ID

Your Apple ID is the most critical account on your iPhone. When you secure your Apple ID with two-factor authentication, only trusted devices can access it, and you decide which ones to authorize. A hacker won't be able to access your account unless they're using your iPhone, iPad, iPod Touch, or Mac.

Follow these steps to enable this extra layer of security:

  1. Open the Settings app, then tap your name.

  2. On the Apple ID screen, tap Password & Security.

    Settings, Account page, and Password & Security options on an iPhone
  3. Tap Turn on Two-Factor Authentication, then tap Continue.

  4. Choose a trusted phone number where Apple will send the two-factor authentication code during set up and in the future.

    You can add more than one trusted phone number.

  5. Enter the code you use to unlock your iPhone.

  6. Choose to receive verification codes in a text message or phone call, then tap Send to save your choices.

    Entering a trusted phone number on an iPhone
  7. Once Apple's servers have verified that the code is correct, two-factor authentication is enabled for your Apple ID.

Secure your iPhone with a passcode (and, ideally, Touch ID or Face ID) to prevent a thief from accessing the phone.

How to Use Two-Factor Authentication on Your Apple ID

With your account secured, you won't need to enter the second factor on the same device again unless you completely sign out or erase the device. You'll only need to enter it if you want to access your Apple ID from a new, non-trusted device.

To authorize a new device:

  1. When you enter your Apple ID and password on a new device, a window appears on a trusted device and alerts you that someone is trying to sign in to your Apple ID. The window may include your Apple ID, the device, and the location.

    Sign-in attempt screen on a MacBook
  2. If this isn't you, or it seems suspicious, tap Don't Allow. If it's you, tap Allow.

    The options to allow or not allow a sign-in attempt to an Apple ID.
  3. Apple generates and sends a six-digit code to your iPhone.

    iPhone screens showing a sign-in attempt and the six-digit verification code
  4. Enter the code on the device you're using to sign in.

    Entering the verification code on a Mac
  5. You can now access your Apple ID.

How to Manage Your Trusted Devices on iPhone

If you need to change the status of a device from trusted to untrusted (for instance, if you sold the device without erasing it), you can do that. Here's how:

  1. Return to your account page. Open Settings and tap your name.

  2. In the Device Info screen, tap the device you want to remove, then tap Remove from Account.

  3. In the confirmation screen, tap Remove.

    Removing a device from your Apple ID
  4. Repeat these steps for any additional devices you want to remove.

How to Manage Your Trusted Devices on the Web

The process for managing devices on the internet is a little different.

  1. Sign in to your account at the Apple ID website.

  2. Scroll to the Devices section to see every device that uses your Apple ID.

    The Devices section on the Apple ID site
  3. Choose the one you want to remove, and then select Remove from account.

    Removing a device from Apple ID account
  4. Confirm your choice, and the device will leave your account.

Turn Off Two-Factor Authentication on Your Apple ID

Once two-factor authentication is enabled on your Apple ID, you cannot deactivate it. That isn't necessarily a bad thing; turning off two-factor makes your accounts more vulnerable.

Set Up Two-Factor Authentication on Other Common Accounts

Apple ID isn't the only common account on most iPhones that can be secured with two-factor authentication. Consider setting it up on any accounts that contain personal, financial, or other sensitive information. This includes setting up two-factor authentication on Gmail accounts or adding it to Facebook accounts.