Double security (2FA) within Apple Keychain
Apple has integrated Two-Factor Authentication (2FA) into macOS and iOS through Keychain. I explain how 2FA works and how it looks.

This article is for you when you want to improve and simplify your cybersecurity and you :
- Use a Mac and an iPhone together
- Use Apple Keychain for passwords
- Sync via the cloud
- Your default browser is Safari.
So this is a bit of an article for the fans. I also already apologize because the content here probably is outdated when the next update is done.
Apple doesn't advertise it much, and I get that. With 2FA you add security but rarely ease of use. Also, the current flows are certainly not without bumps.
I wrote another article about what Two-Factor Authentication is, and why this is important. The process consists of two steps. Creating a token once and later entering codes in browser or app.
The set-up per account
To use 2FA and the codes, you first request a token. When you request the token, it is stored and activated by an initial entry of the One Time Password (probably a six-digit code).
So it can be that you handle everything on the phone or computer, or that you let them work together. The latter is kind of easy. I took a Google Account as an example.
There, you go to the settings and look under security for Two-Factor Authentication. You indicate that you have an app, and then you can start. A QR tag appears that you just scan with your camera:

Clicking it opens your password repository with Google accounts, and you manually link the request to the correct account. When you only have one account, it is even easier.

Then you confirm the link by typing the first code and then 2FA is set. The settings will be backed up in the iCloud and shared between macOS en iOS.
Entering codes when asked
An application occasionally asks for the One Time Password code. I'll briefly show how iOS and macOS handle that request.
On the iPhone
After entering username and password, the code field appears, and you choose the correct account, the code is entered. You can also choose to type them manually.
On the Mac
On the computer, a dropdown appears if you have multiple accounts with 2FA. You choose the correct one and the code is entered.
Keychain is my password manager of choice
Keychain does everything I need from a password manager. It safely stores passwords across devices, helps me generate new passwords and I can add 2FA in a seamless flow.
Also, I can exchange accounts easily with my partner by airdropping them when necessary.
New development on the horizon are Passkeys which might replace passwords all together.


Comments ()