by Dan Moren
Apple explains its new two-factor authentication system
Apple’s rolling out a new two-factor verification system, which will debut in the public betas of iOS 9 and El Capitan:
Two-factor authentication is a new service built directly into iOS 9 and OS X El Capitan. It uses different methods to trust devices and deliver verification codes, and offers a more streamlined user experience. The current two-step verification feature will continue to work separately for users who are already enrolled.
This fall’s releases are shaping up to be some of the most security conscious. In addition to the new two-factor system, Apple’s upping the default passcode length on iOS 9 to six digits from four and implementing new capabilities for Touch ID and the keychain.
Before WWDC this year, there was much buzz about a “rootless” security system in OS X; while it didn’t end up getting a spot in the keynote, the feature is there, under the admittedly less buzzy name of “System Integrity Protection.” The goal is to prevent the root user–who normally wields essentially unchecked powers–from being exploited by malicious code or attackers, though there are some questions about whether certain types applications will continue to exist.
Overall, though, I argue it’s good to see Apple make security a priority. I’m hopeful that increasing passcode length on iOS and providing a more seamless two-factor experience across its platform will up the average user’s security game.