iCloud

Use a strong password

As with everything, make sure you use a strong unique password for your email account.

Use 2-Step Verification

Turn on two-factor authentication on your iPhone, iPad, or iPod touch:

  • Go to Settings > [your name] > Password & Security.
  • Tap Turn On Two-Factor Authentication.
  • Tap Continue.
  • Enter the phone number where you want to receive verification codes when you sign in. You can choose to receive the codes by text message or automated phone call.
  • Tap Next.
  • Enter the verification code to verify your phone number and turn on two-factor authentication.

You might be asked to answer your Apple ID security questions.

Turn on two-factor authentication on your Mac

  • Choose Apple menu > System Preferences, then click Apple ID.
  • Click Password & Security under your name.
  • Next to Two-Factor Authentication, click Turn On.

If you’re using macOS Mojave or earlier:

  • Choose Apple menu > System Preferences, then click iCloud, and select Account Details.
  • Click Security.
  • Click Turn On Two-Factor Authentication.

Some Apple IDs created in iOS 10.3 or macOS 10.12.4 and later are protected with two-factor authentication by default. In this case, you see that two-factor authentication is already turned on.

Upgrade to two-factor authentication on the web

  • Go to appleid.apple.com, then sign in with your Apple ID.
  • Answer your security questions, then tap Continue.
  • You’ll see a prompt to upgrade your account security. Tap Continue.
  • Click Upgrade Account Security.
  • Enter the phone number where you want to receive verification codes when you sign in. You can choose to receive the codes by text message or automated phone call.
  • Click Continue.
  • Enter the verification code to verify your phone number and turn on two-factor authentication.

If you have an Apple ID that’s not protected by two-factor authentication, some Apple web sites might ask you to update your account.

What to remember when you use two-factor authentication

Two-factor authentication significantly improves the security of your Apple ID. After you turn it on, signing into your account will require both your password and access to your trusted devices or trusted phone number. To keep your account as secure as possible and help ensure you never lose access, there are a few simple guidelines you should follow:

  • Remember your Apple ID password.
  • Use a device passcode on all your devices.
  • Keep your trusted phone number(s) up to date.
  • Keep your trusted devices physically secure.
    • Overview specifics → https://support.apple.com/en-us/HT202303
    • General steps → https://kapsnotes.com/tech/security/how-to-protect-icloud-account/

Sign in Settings

Avoid saving passwords to your apple account and using it as password manager. Avoid signing in with your Apple account. Rely on a separate password manager instead.