这篇是初探苹果开发者中心子内容拓展续篇。
【本篇说明发布日期为2019年2月25日与截图时间一致,不能保证后续苹果公司相关说明情况是否会调整更新,望各位大佬和萌新仅作为参考使用】
二、初探苹果开发者中心
6.登记前Apple ID 的双重认证(Two-factor authentication for Apple ID)
点击说明中的链接进入双重认证页面了解其说明内容。
//-----------------------------------------英文版
英文地址:https://support.apple.com/en-us/HT204915
Two-factor authentication for Apple ID
Two-factor authentication is an extra layer of security for your Apple ID designed to ensure that you’re the only person who can access your account, even if someone knows your password.
How it works
Manage your account
What if I forget my password?
and other questions
How it works
With two-factor authentication, your account can only be accessed on devices you trust, like your iPhone, iPad, or Mac. When you want to sign in to a new device for the first time, you’ll need to provide two pieces of information—your password and the six-digit verification code that’s automatically displayed on your trusted devices. By entering the code, you’re verifying that you trust the new device. For example, if you have an iPhone and are signing into your account for the first time on a newly purchased Mac, you’ll be prompted to enter your password and the verification code that’s automatically displayed on your iPhone.
Because your password alone is no longer enough to access your account, two-factor authentication dramatically improves the security of your Apple ID and all the personal information you store with Apple.
Once signed in, you won’t be asked for a verification code on that device again unless you sign out completely, erase the device, or need to change your password for security reasons. When you sign in on the web, you can choose to trust your browser, so you won’t be asked for a verification code the next time you sign in from that computer.
Trusted devices
A trusted device is an iPhone, iPad, or iPod touch with iOS 9 and later, or a Mac with OS X El Capitan and later that you’ve already signed in to using two-factor authentication. It’s a device we know is yours and that can be used to verify your identity by displaying a verification code from Apple when you sign in on a different device or browser.
Trusted phone numbers
A trusted phone number is a number that can be used to receive verification codes by text message or automated phone call. You must verify at least one trusted phone number to enroll in two-factor authentication.
You should also consider verifying an additional phone number you can access, such as a home phone, or a number used by a family member or close friend. You can use this number if you temporarily can’t access your primary number or your own devices.
Verification codes
A verification code is a temporary code sent to your trusted device or phone number when you sign in to a new device or browser with your Apple ID. You can also get a verification code from Settings on your trusted device.
A verification code is different from the device passcode you enter to unlock your iPhone, iPad, or iPod touch.
Set up two-factor authentication for your Apple ID
Two-factor authentication is available to iCloud and iTunes users with at least one device that’s using the latest iOS or macOS. Learn more.
You can follow these steps on your iPhone, iPad, or iPod touch to turn on two-factor authentication.
Turn on two-factor authentication in Settings
If you’re using iOS 10.3 or later:
Go to Settings > [your name] > Password & Security.
Tap Turn On Two-Factor Authentication.
Tap Continue.
If you’re using iOS 10.2 or earlier:
Go to Settings > iCloud.
Tap your Apple ID > Password & Security.
Tap Turn On Two-Factor Authentication.
Tap Continue.
You might be asked to answer your Apple ID security questions.
Enter and verify your trusted phone number
Enter the phone number where you want to receive verification codes when you sign in. You can choose to receive the codes by text message or automated phone call.
When you tap Next, Apple sends a verification code to the phone number you provided.
Enter the verification code to verify your phone number and turn on two-factor authentication.
Follow these steps on your Mac with OS X El Capitan or later:
Go to Apple () menu > System Preferences > iCloud > Account Details.
Click Security.
Click Turn On Two-Factor Authentication.
Some Apple IDs created in iOS 10.3 or macOS 10.12.4 and later are protected with two-factor authentication by default. In this case, you see that two-factor authentication is already turned on.
If you already use two-step verification and want to update, turn it off, then turn on two-factor authentication.
If your account isn’t eligible for two-factor authentication, you can still use two-step verification to protect your information.
What to remember when you use two-factor authentication
Two-factor authentication significantly improves the security of your Apple ID. After you turn it on, signing into your account will require both your password and access to your trusted devices or trusted phone number. To keep your account as secure as possible and help ensure you never lose access, there are a few simple guidelines you should follow:
Remember your Apple ID password.
Use a device passcode on all your devices.
Keep your trusted phone number(s) up to date.
Keep your trusted devices physically secure.
Manage your account
You can manage your trusted phone numbers, trusted devices, and other account information from your Apple ID account page.
Keep your trusted phone numbers up to date
To use two-factor authentication, you need at least one trusted phone number on file where you can receive verification codes. Consider verifying an additional trusted phone number other than your own phone number. If your iPhone is your only trusted device and it is missing or damaged, you will be unable to receive verification codes required to access your account.
You can update your trusted phone numbers when you follow these steps:
Go to your Apple ID account page.
Sign in with your Apple ID.
Go to the Security section and click Edit.
If you want to add a phone number, click Add a Trusted Phone Number and enter the phone number. Choose to verify the number with a text message or automated phone call, and click Continue. To remove a trusted phone number, click x icon next to the phone number you want to remove.
View and manage your trusted devices
You can view and manage a list of your trusted devices in the Devices section of your Apple ID account page.
Go to your Apple ID account page.
Sign in with your Apple ID.
Go to the Devices section.
The device list shows the devices that you’re currently signed in to with your Apple ID. Select a device to view the model, serial number, and other useful information, including whether or not the device is trusted and can be used to receive Apple ID verification codes.
You can also remove a trusted device. Removing a trusted device will ensure that it can no longer display verification codes and that access to iCloud, and other Apple services on the device, is blocked until you sign in again with two-factor authentication. If you need to find or erase your device before you remove it from your trusted device list, you can use Find My iPhone.
Generate app-specific passwords
With two-factor authentication, you need an app-specific password to sign in to your account using third-party apps or services such as email, contacts, or calendar apps not provided by Apple. Follow these steps to generate an app-specific password:
Sign in to your Apple ID account page.
Click Generate Password below App-Specific Passwords.
Follow the steps on your screen.
After you generate your app-specific password, enter or paste it into the password field of the app as you would normally.
Frequently asked questions
Need help? You might find the answer to your question below.
What if I forget my password?
You can reset or change your password from your trusted device when you follow these steps.
On your iPhone, iPad, or iPod touch:
Go to Settings > [your name]. If you’re using iOS 10.2 or earlier, go to Settings > iCloud > tap your Apple ID.
Tap Password & Security > Change Password.
Enter a new password.
On your Mac:
Go to > System Preferences > iCloud.
Choose Account Details. If you’re asked to enter your Apple ID password, click Forgot Apple ID or password and follow the onscreen instructions. You can skip the steps below.
Click Security > Reset Password. Before you can reset your Apple ID password, enter the password used to unlock your Mac.
What if I can’t access a trusted device or didn’t receive a verification code?
If you’re signing in and don’t have a trusted device handy that can display verification codes, you can have a code sent to your trusted phone number via text message or an automated phone call instead. Click Didn’t Get a Code on the sign in screen and choose to send a code to your trusted phone number. You can also get a code directly from Settings on a trusted device. Learn how to get a verification code.
If you use iOS 11.3 or later on your iPhone, you might not need to enter a verification code. In some cases, your trusted phone number can be automatically verified in the background on your iPhone. It’s one less thing to do, and your account is still protected with two-factor authentication.
If I can’t sign in, how do I regain access to my account?
If you can’t sign in, access a trusted device, reset your password, or receive verification codes, you can request account recovery to regain access to your account. Account recovery is an automatic process designed to get you back in to your account as quickly as possible while denying access to anyone who might be pretending to be you. It might take a few days—or longer—depending on what specific account information you can provide to verify your identity.
Do I still need to remember any security questions?
No. With two-factor authentication, you don’t need to remember any security questions. We verify your identity exclusively using your password and verification codes sent to your trusted devices and phone numbers. When you enroll in two-factor authentication, we keep your old security questions on file for two weeks in case you need to return your account to its previous security settings. After that, they’re deleted.
Can Apple Support help me regain access to my account?
Apple Support can answer your questions about the account recovery process, but can’t verify your identity or expedite the process in any way.
What are the system requirements for two-factor authentication?
For the best experience, make sure that you meet these system requirements on all of the devices you use with your Apple ID:
iPhone, iPad, or iPod touch with iOS 9 and later
Mac with OS X El Capitan and iTunes 12.3 and later
Apple Watch with watchOS 2 and later
Apple TV (4th generation) with tvOS
Windows PC with iCloud for Windows 5 and iTunes 12.3.3 and later
Can Apple IDs created for children use two-factor authentication?
Yes. Any Apple ID that meets the basic system requirements can enroll in two-factor authentication. Learn more about who can use two-factor authentication.
What if I don’t recognize the location shown in my sign in notification?
When you sign in on a new device, you’ll get a notification on your other trusted devices that includes a map showing the approximate location of the new device. This is an approximate location based on the IP address the device is currently using, rather than the exact location of the device. The location shown might reflect the network you’re connected to, and not your physical location.
If you know you’re the person trying to sign in but you don’t recognize the location shown, you can still tap Allow and continue signing in. However, if you ever see a notification that your Apple ID is being used to sign in on a new device and you’re not the one signing in, tap Don’t Allow to block the sign in attempt.
What if I use two-factor authentication on a device running older software?
If you use two-factor authentication with devices running older OS versions—like an Apple TV (2nd or 3rd generation)—you might be asked to add your six-digit verification code to the end of your password when signing in. Get your verification code from a trusted device running iOS 9 and later or OS X El Capitan and later, or have it sent to your trusted phone number. Then type your password followed by the six-digit verification code directly into the password field.
Can I turn off two-factor authentication after I’ve turned it on?
If you already use two-factor authentication, you can no longer turn it off. Certain features in the latest versions of iOS and macOS require this extra level of security, which is designed to protect your information. If you recently updated your account, you can unenroll for two weeks. Just open your enrollment confirmation email and click the link to return to your previous security settings. Keep in mind, this makes your account less secure and means that you can’t use features that require higher security.
Is this different than Apple’s current two-step verification feature?
Yes. Two-factor authentication is built directly into iOS, macOS, tvOS, watchOS, and Apple’s web sites. It uses different methods to trust devices and deliver verification codes, and offers a more streamlined user experience. You need two-factor authentication to use certain features that require improved security.
The older two-step verification feature continues to work separately for users who are already enrolled.
Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Risks are inherent in the use of the Internet. Contact the vendor for additional information. Other company and product names may be trademarks of their respective owners.
Published Date: December 8, 2018
//-----------------------------------------中文版
中文地址:https://support.apple.com/zh-cn/HT204915
Apple ID 的双重认证
双重认证是为 Apple ID 提供的一层额外安全保护,旨在确保只有您可以访问自己的帐户,即使其他人知道您的密码也无法访问。
工作原理
管理您的帐户
如果我忘记了密码该怎么办?
以及其他问题
工作原理
有了双重认证,只能通过您信任的设备(如 iPhone、iPad 或 Mac)才能访问您的帐户。首次登录一台新设备时,您需要提供两种信息:您的密码和自动显示在您的受信任设备上的六位验证码。输入验证码后,您即确认您信任这台新设备。例如,如果您有一台 iPhone 并且要在新购买的 Mac 上首次登录您的帐户,您将收到提示信息,要求您输入密码和自动显示在您 iPhone 上的验证码。
由于只输入密码不再能够访问您的帐户,因此双重认证显著增强了 Apple ID 以及所有通过 Apple 储存的个人信息的安全性。
登录后,系统将不会再次要求您在这台设备上输入验证码,除非您完全退出登录帐户、抹掉设备数据或出于安全原因而需要更改密码。当您在 Web 上登录时,可以选择信任您的浏览器,这样当您下次从这台电脑登录时,系统就不会要求您输入验证码。
受信任设备
受信任设备是已使用双重认证登录的设备,可以是装有 iOS 9 及更高版本的 iPhone、iPad 或 iPod touch 或者装有 OS X El Capitan 及更高版本的 Mac。我们知道这是您的设备,并且当您在其他设备或浏览器上登录时,这台受信任设备将显示 Apple 提供的验证码来验证您的身份。
受信任电话号码
受信任电话号码是指可通过短信或自动语音电话接收验证码的号码。您必须至少验证一个受信任电话号码才能注册双重认证。
您还应该考虑再验证另外一个您可以使用的电话号码,如家庭电话号码或亲朋好友所用的号码。如果您暂时无法使用您的主号或您自己的设备,则可以使用这个备用号码。
验证码
验证码是您使用 Apple ID 登录新设备或浏览器时,发送到您的受信任设备或电话号码的临时代码。您也可以从受信任设备的“设置”中获取验证码。
验证码不同于您输入以用于解锁 iPhone、iPad 或 iPod touch 的设备密码。
为 Apple ID 设置双重认证
任何 iCloud 和 iTunes 用户只要至少拥有一台装有最新版 iOS 或 macOS 的设备,都可以使用双重认证。进一步了解。
您可以在 iPhone、iPad 或 iPod touch 上按照以下步骤来开启双重认证。
在“设置”中开启双重认证
如果使用的是 iOS 10.3 或更高版本:
前往“设置”>“[您的姓名]”>“密码与安全性”。
轻点“开启双重认证”。
轻点“继续”。
如果使用的是 iOS 10.2 或更低版本:
前往“设置”>“iCloud”。
轻点您的 Apple ID >“密码与安全性”。
轻点“开启双重认证”。
轻点“继续”。
系统可能会要求您回答 Apple ID 安全提示问题。
输入并验证受信任的电话号码
输入您想要在登录时用来接收验证码的电话号码。您可以选择是通过短信还是自动语音来电接收验证码。
轻点“下一步”后,Apple 会向您提供的电话号码发送验证码。
输入验证码以验证您的电话号码,然后打开双重认证。
在装有 OS X El Capitan 或更高版本的 Mac 上,请按照以下步骤操作:
前往苹果 () 菜单 >“系统偏好设置”>“iCloud”>“帐户详细信息”。
点按“安全性”。
点按“开启双重认证”。
在 iOS 10.3 或 macOS 10.12.4 及更高版本中创建的某些 Apple ID 默认受双重认证保护。如果是这样,您会发现这些设备上已打开双重认证。
如果您已经在使用两步验证并想要更新安全设置,请将两步验证关闭,然后再打开双重认证。
如果您的帐户不符合双重认证条件,您仍可使用两步验证来保护您的信息。
使用双重认证时的注意事项
双重认证会显著提升 Apple ID 的安全性。打开双重认证后,您需要使用密码以及受信任设备或受信任电话号码才能登录您的帐户。为了尽可能保护帐户的安全性并确保您永远不会失去访问权限,您应遵循以下几条简单准则:
牢记 Apple ID 密码。
在您的所有设备上均使用设备密码。
更新您的受信任电话号码。
确保受信任设备的安全。
管理您的帐户
您可以通过 Apple ID 帐户页面管理受信任电话号码、受信任设备以及其他帐户信息。
更新您的受信任电话号码
要使用双重认证,您需要至少登记一个受信任电话号码,以用于接收验证码。除了验证您自己本身的电话号码外,请考虑多验证一个受信任电话号码。如果您的 iPhone 是您唯一的受信任设备,万一 iPhone 丢失或被盗,您将无法接收访问帐户所需的验证码。
您可以按照以下步骤来更新受信任电话号码:
前往您的 Apple ID 帐户页面。
使用您的 Apple ID 登录。
前往“安全”部分,然后点按“编辑”。
如果要添加电话号码,请点按“添加受信任电话号码”,然后输入电话号码。选择是通过短信还是自动语音来电来验证号码,然后点按“继续”。要移除一个受信任电话号码,请点按要移除的电话号码旁边的 x 图标。
查看并管理受信任设备
您可以在您的 Apple ID 帐户页面的“设备”部分中查看并管理受信任设备的列表。
前往您的 Apple ID 帐户页面。
使用您的 Apple ID 登录。
前往“设备”部分。
设备列表将显示您当前使用 Apple ID 登录的设备。选择一台设备以查看型号、序列号和其他有用信息,包括这台设备是否受信任以及是否可以接收 Apple ID 验证码。
您还可以移除受信任设备。移除受信任设备是为了确保它不再显示验证码,以及阻止其访问 iCloud 以及设备上的其他 Apple 服务(除非您再次使用双重认证登录)。如果需要查找设备或抹掉设备数据,然后将其从受信任设备列表中移除,您可以使用“查找我的 iPhone”。
生成 App 专用密码
打开双重认证后,您需要使用App 专用密码在非 Apple 提供的第三方应用或服务(如电子邮件、通讯录或日历应用)中登录您的帐户。请按照以下步骤生成 App 专用密码:
登录 Apple ID 帐户页面。
点按“App 专用密码”下的“生成密码”。
按照屏幕上的步骤操作。
生成 App 专用密码后,请像往常一样将它输入或粘贴到相关应用的密码栏位中。
常见问题
需要帮助?您可从下文中找到您问题的答案。
如果我忘记了密码该怎么办?
您可以按照以下步骤通过受信任设备重设或更改密码。
在 iPhone、iPad 或 iPod touch 上:
前往“设置”>“[您的姓名]”。如果使用的是 iOS 10.2 或更低版本,请前往“设置”>“iCloud”> 轻点您的 Apple ID。
轻点“密码与安全性”>“更改密码”。
输入新密码。
在 Mac 上:
前往 >“系统偏好设置”>“iCloud”。
选取“帐户详细信息”。如果系统要求您输入 Apple ID 密码,请点按“忘记了 Apple ID 或密码”,然后按照屏幕上的说明操作。您可以跳过下面的步骤。
点按“安全性”>“重设密码”。在重设 Apple ID 密码之前,先输入 Mac 的解锁密码。
如果我无法使用受信任的设备或者未收到验证码,该怎么办?
如果您要登录,但是手边没有可显示验证码的受信任设备,您可以选择通过短信或自动语音来电将验证码发送至受信任电话号码。点按登录屏幕上的“没有收到验证码”,然后选择将验证码发送至受信任电话号码。您还可以直接从受信任设备的“设置”中获取验证码。了解如何获取验证码。
如果您的 iPhone 装有 iOS 11.3 或更高版本,您可能不需要输入验证码。在某些情况下,iPhone 上可在后台自动验证您的受信任电话号码。这样您可以少做一项操作,而且您的帐户仍会受到双重认证的保护。
如果我无法登录,如何才能重新获得帐户的访问权限?
如果您无法登录、使用受信任的设备、重设密码或接收验证码,可以请求帐户恢复以重新获得帐户的访问权限。帐户恢复是一项自动流程,旨在让您可以尽快重新使用自己的帐户,同时拒绝可能假冒您身份的任何人访问您的帐户。帐户恢复可能需要几天或更长时间,具体取决于您可以提供的用于验证您身份的具体帐户信息。
我是否仍需要记住任何安全提示问题?
不需要。如果您使用双重认证,那么无需记住任何安全提示问题。我们只会使用您的密码和发送到您受信任设备和电话号码的验证码来验证您的身份。当您注册双重认证时,我们会将您的旧安全提示问题保留在案两周,以防您需要将您的帐户恢复至之前的安全设置。两周后即会删除。
Apple 支持是否可以协助我重新获得帐户的访问权限?
Apple 支持团队可以回答您关于帐户恢复流程的问题,但是不能以任何方式验证您的身份或加速这个流程。
双重认证的系统要求是什么?
为获得最佳体验,请确保使用您 Apple ID 的所有设备均符合以下系统要求:
装有 iOS 9 或更高版本的 iPhone、iPad 或 iPod touch
装有 OS X El Capitan 和 iTunes 12.3 或更高版本的 Mac
装有 watchOS 2 或更高版本的 Apple Watch
装有 tvOS 的 Apple TV(第 4 代)
装有 Windows 版 iCloud 5 和 iTunes 12.3.3 或更高版本的 Windows PC
为孩子创建的 Apple ID 是否可以使用双重认证?
可以。满足基本系统要求的任何 Apple ID 都可以注册双重认证。进一步了解谁可以使用双重认证。
如果我不认识登录通知中显示的位置,该怎么办?
当您在新设备上登录时,您会在其他受信任设备上收到一条通知,其中包含一张显示新设备所在大致位置的地图。这是一个基于这台设备当前所用 IP 地址的大致位置,而不是这台设备所在的确切位置。所显示的位置可能反映的是您连接的网络,而不是您所在的实际位置。
如果您知道自己就是尝试登录的那个人,但不认识显示的位置,您仍可以轻点“允许”并继续登录。但是,如果您看到通知,提示您的 Apple ID 正被用于在某个新设备上登录,而正在登录的那个人并不是您,请轻点“不允许”以阻止这次登录尝试。
如果我在运行旧版软件的设备上使用双重认证,会怎样?
如果您在运行旧版 OS 的设备(例如 Apple TV 第 2 代或第 3 代)上使用双重认证,系统可能会要求您在登录时,将六位验证码添加至密码末尾。从运行 iOS 9 及更高版本或 OS X El Capitan 及更高版本的受信任设备中获取验证码,或者将验证码发送至受信任电话号码。然后直接在密码栏位中键入密码,后跟六位验证码。
打开双重认证后,是否可以将其关闭?
如果您已在使用双重认证,则您无法再关闭这项功能。最新版 iOS 和 macOS 中的某些功能要求使用这一额外的安全保护措施,旨在保护您的信息。如果您最近更新了自己的帐户,可以在两周内取消注册。只需打开您的注册确认电子邮件,然后点按相应链接即可恢复之前的安全设置。请注意,这样做会降低您帐户的安全性,并意味着您无法使用具有较高安全要求的功能。
双重认证和 Apple 当前提供的两步验证功能是否有不同之处?
是。双重认证直接内建于 iOS、macOS、tvOS、watchOS 和 Apple 网站中。它使用不同的方法来信任设备和发送验证码,而且提供了更为简化的用户体验。要使用一些具有较高安全要求的功能,必须使用双重认证。
如果用户已经注册了推出时间较早的两步验证,他们可以继续使用。两步验证将独立于双重认证。
有关非 Apple 制造的产品或非 Apple 控制或测试的独立网站的信息仅供参考,不代表 Apple 的任何建议或保证。Apple 对于第三方网站或产品的选择、性能或使用不承担任何责任。Apple 对于第三方网站的准确性和可靠性不作任何担保。互联网的使用具有一定风险。请联系供应商以了解其他信息。其他公司和产品名称可能是其各自所有公司的商标。
发布日期: 2019年1月28日