Security and your Apple ID

Find out more about security and your Apple ID.

Your Apple ID is the account you use to access Apple services, such as the App Store, Apple Music, iCloud, iMessage, FaceTime and more. It includes the email address and password you use to sign in, as well as the contact, payment and security details you use across Apple services. Apple takes the privacy of your personal information very seriously and employs industry-standard practices to keep your Apple ID safe.

Here are some of best practices you can follow to maximise the security of your account. 

Use a strong password for your Apple ID

Apple policy requires you to use strong passwords for your Apple ID. Your password must have eight or more characters and include upper and lowercase letters, and at least one number. You can also include extra characters and punctuation marks to make your password even stronger. Apple also uses other password rules to make sure your password isn't easy to guess.

If you don't think you have a strong password, visit your Apple ID account page to reset your password as soon as possible.

Make the answers to your security questions hard to guess

Apple uses security questions to provide you with a secondary method to identify yourself online or when contacting Apple Support. Security questions are designed to be memorable to you, but hard for anyone else to guess. When used in conjunction with other identifying information, they help Apple verify that you are the person who is requesting access to your account. If you haven't selected your security questions, visit your Apple ID account page to set them up.

Protect your account with two-factor authentication

Apple offers an improved security method called two-factor authentication that’s designed to ensure that you’re the only person who can access your account, even if someone else knows your password. When you enter your Apple ID and password for the first time on a new device, you'll be asked to verify your identity via a six-digit verification code. This code will be displayed automatically on your other devices, or sent to a phone number you trust. Just enter the code, which will sign you in and let you access your account on the new device. Never share your password or verification code with anyone else.

If you're using iOS 11.3 or later on your iPhone, you may not need to enter a verification code. In some cases, your trusted phone number can be verified automatically in the background on your iPhone. It’s one less thing to do, and your account will still be protected with two-factor authentication.

Two-factor authentication is built directly into iOS, macOS, tvOS, watchOS and Apple’s websites. You can use two-factor authentication with your Apple ID if you have a device that's using the latest iOS or macOS, or if you have access to a web browser and a phone number. Two-factor authentication is the default security method for some new Apple IDs created on iOS 10.3 or later and macOS 10.12.4 or later.

If you don’t have devices that can be updated to iOS 9 or later, or OS X El Capitan or later, you can set up two-step verification for your Apple ID instead.

You need two-factor authentication to use certain features that require improved security.

Check for encryption and SSL

All web pages where you can view or change your Apple ID use Secure Sockets Layer (SSL) to protect your privacy. In Safari, look for the Lock icon  in your browser when accessing your account at your Apple ID account page to be safe in the knowledge that your session is fully encrypted and secure.

Employee privacy and security policies

In addition to strong passwords, encryption and other technology, Apple has strict policies and procedures in place to prevent unauthorised access of your account. Without proof of your identity via a temporary Support PIN and other carefully selected criteria, Apple Support can't help you perform any actions on your account. These policies are audited and reviewed on a regular basis.

Other tips for keeping your account secure

Good online security requires a combination of practices by companies using Internet services and informed behaviour by users. Below are some tips you should follow to maximise security when using your Apple ID and other online accounts.

Password tips: 

  • Always use a strong password.
  • Never use your Apple ID password for other online accounts.
  • Change your password regularly and avoid reusing old passwords.
  • Choose security questions and answers that can't be easily guessed. Your answers can even be nonsense, just as long as you can remember them. For example, for the security question "What is your favourite colour?" You could set the answer as "Mozart".

Account tips:

  • If you abandon an email address or phone number associated with your Apple ID, make sure you update your Apple ID with up-to-date information as soon as possible.
  • Set up two-factor authentication for your Apple ID to add an extra layer of security to your account and eliminate the need for security questions.
  • Avoid phishing scams. Don’t click links in suspicious emails or text messages, and never provide personal information on any website you aren’t certain is legitimate. Find out how to identify phishing attempts.
  • Don’t share your Apple ID with other people, even family members.
  • When using a public computer, always sign out when you've finished your session to prevent other people from accessing your account.

Never provide your password, security questions, verification codes, recovery key or any other account security details to anyone else. Apple will never ask you for this information.

If Apple Support needs to verify your identity, we may ask you to generate a temporary Support PIN. We'll only ask for this information over the phone after you've contacted Apple Support for help.

Learn more

Find out what to do if you think your account information has been compromised. If you need more help, contact Apple Support.

FaceTime isn't available in all countries or regions.

Published Date: