Several years ago, Apple rolled out “two-step verification” to protect your Apple ID. It involved a trusted device, a password, and a recovery key you had to print and save. If you’re like me, you probably filed that key away and forgot it existed.
If so, IMMEDIATELY head to Apple and change from two-step to two-factor, because the newer system eliminates the (probably lost) recovery key!
Here is my tale of near-woe: The other night, I realized I hadn’t changed my Apple password in several years (it dated back to my iPhone 4S!) So I changed it. No big deal, right? Except the next morning, I drew a complete blank on the new password. I had a rough idea, but every guess was wrong, and I was eventually locked out of the account. No problem, I could deal with it when I reach my office. I jumped onto Apple’s site, clicked “forgot my password”, and was faced with a request for a recovery key. Oops. The good news is that over the course of 45 minutes yesterday, I cleared a ton of old junk out of my desk drawers; the bad news was that included in none of that junk was a recovery key I had printed FOUR YEARS AGO.
I didn’t panic until I called Apple. A very nice rep came on the phone, looked at my account, and then handed me off to a supervisor…who was super apologetic, but explained that Apple’s old two-step system was basically airtight. Accessing a locked account required two of three items: a password, a recovery key, or a trusted device. If the password was wrong too many times, the account would lock. Once it was locked, it required the recovery key to unlock (since the password was no longer considered secure due to too many attempts). For security reasons, Apple could not generate a new recovery key for my account. Apple did say they could walk me through creating a new ID, but that would obviously wipe out my apps, music, and other purchases.
As an aside, while they couldn’t help me fix my account, Apple’s customer service was incredibly nice, and they even followed up today to find out if I had found the key. I don’t blame them at all for my near loss of my Apple ID, and I was actually pleasantly surprised at how easy it was to get someone on the phone to attempt to help.
Thankfully, late yesterday I checked a file cabinet one more time and found the recovery key. Immediately after changing my password, I switched from the old two-step to two-factor. This functions much more like most two-step verifications do; when you go to log in from a location other than your trusted device, a pop-up lets you know and generates a code that needs to be entered along with your login. No recovery key needed.
If you’ve set up an Apple ID on a newer iOS or MacOS device, you probably have the newer two-factor enabled. However, if you set up two-step verification when it first rolled out like I did, follow these instructions to move to two-factor, preferably BEFORE you get locked out of your account!