Two-factor authentication on your Apple ID protects everything connected to your Apple account — iCloud photos, App Store purchases, Apple Pay, Find My iPhone, and more. When enabled, signing in on a new device requires both your password and a verification code sent to a device you already trust. Apple has made the setup straightforward, and it takes just a few minutes.

Why does Apple ID 2FA matter?

Your Apple ID is the key to your entire Apple ecosystem. It controls access to:

  • iCloud — photos, contacts, calendars, notes, documents, and device backups
  • App Store and iTunes — all your purchased apps, music, movies, and subscriptions
  • Apple Pay — your linked credit and debit cards for contactless payments
  • Find My iPhone/iPad/Mac — the ability to locate, lock, or erase your devices remotely
  • iMessage and FaceTime — your private messages and video calls
  • Keychain — saved passwords for websites and apps across all your Apple devices

If an attacker gets your Apple ID password, they could lock you out of your own devices, access your private photos, make purchases with your payment methods, or even erase your devices remotely using Find My.

Over 12 billion credentials have been exposed in known data breaches as of 2026. If the email associated with your Apple ID appeared in any of those breaches, and you use the same or a similar password, your Apple account could be at risk. Check if your email has been exposed to see.

Microsoft’s research shows that two-factor authentication blocks 99.9 percent of automated account attacks. Apple agrees — they consider 2FA so important that newer Apple IDs have it enabled by default, and once activated, it cannot be turned off after 14 days.

How to enable 2FA on Apple ID — step by step

The process is slightly different depending on whether you are using an iPhone/iPad or a Mac. Both are covered below.

On iPhone or iPad

Step 1 — Open Settings

Tap the Settings app on your home screen. It is the gray gear icon.

Step 2 — Tap your name

At the very top of the Settings screen, you will see your name and Apple ID. Tap on it. This opens your Apple ID settings where you can manage your account, iCloud, and security options.

Step 3 — Go to Sign-In & Security

Tap Sign-In & Security. On older versions of iOS, this may be labeled Password & Security. This is where all your authentication settings live.

Step 4 — Tap Two-Factor Authentication

Tap Turn On Two-Factor Authentication. If you see “Two-Factor Authentication: On” instead, it is already enabled and you do not need to do anything else.

Step 5 — Add a trusted phone number

Apple will ask you to enter a trusted phone number. This is the number where Apple will send verification codes if you cannot access any of your trusted devices. Enter a phone number you reliably have access to — your own mobile number is usually the best choice.

Choose whether to receive codes via Text Message or Phone Call, then tap Next.

Step 6 — Enter the verification code

Apple will send a code to the phone number you entered. Type the code into your iPhone or iPad to verify the number.

Step 7 — Done

Two-factor authentication is now enabled on your Apple ID. Your current device is automatically registered as a trusted device.

On Mac

Step 1 — Open System Settings

Click the Apple menu in the top left corner of your screen and select System Settings (or System Preferences on older macOS versions).

Step 2 — Click your name

Click your name at the top of the sidebar. This opens your Apple ID settings.

Step 3 — Go to Sign-In & Security

Click Sign-In & Security in the list of options. On older macOS versions, click Password & Security.

Step 4 — Turn on Two-Factor Authentication

Click Turn On next to Two-Factor Authentication. If it already says “On,” your account is already protected.

Step 5 — Add a trusted phone number

Enter a phone number where you can receive verification codes. Choose text message or phone call, then click Continue.

Step 6 — Verify and finish

Enter the code sent to your phone number. Your Mac is now a trusted device, and 2FA is active on your Apple ID.

How trusted devices work with Apple ID 2FA

Apple’s two-factor authentication works differently from most other services. Instead of using a separate authenticator app, Apple uses your existing Apple devices as the verification method.

Here is how it works:

  • When you sign in on a new device, Apple sends a notification to all your trusted devices — your iPhone, iPad, Mac, or Apple Watch
  • A pop-up appears on your trusted device showing the approximate location of the sign-in attempt and asking if you want to allow it
  • If you tap Allow, a 6-digit verification code appears on the trusted device
  • You enter that code on the new device to complete the sign-in

This means your iPhone (or any Apple device signed into your Apple ID) acts as your authenticator. You do not need a separate app.

If none of your trusted devices are available, you can receive a code via text message or phone call to your trusted phone number instead.

How to manage your trusted devices and phone numbers

You can see and manage your trusted devices and phone numbers at any time:

  1. Go to Settings > tap your name > Sign-In & Security
  2. Under Trusted Phone Numbers, you can add or remove numbers
  3. Scroll down to see all devices signed into your Apple ID — each one is a trusted device

Tips for managing trusted devices:

  • Keep at least two trusted devices if possible — if one is lost or broken, you still have another way to receive codes
  • Add a secondary phone number — a family member’s number, for example, as a backup in case your phone is lost
  • Remove old devices — if you sold or gave away an Apple device, make sure it is removed from your trusted devices list

What to do after enabling 2FA on your Apple ID

  • Check your Apple ID email for breaches — if the email address linked to your Apple ID has been exposed in a data breach, change your Apple ID password immediately. Check your email here
  • Review your trusted devices — go to Settings > your name and scroll down to see all devices signed into your Apple ID. If you see any you do not recognize, tap on them and select Remove from Account
  • Set up iCloud Keychain — with 2FA enabled, you can use iCloud Keychain to securely sync passwords across all your Apple devices
  • Enable Find My — make sure Find My iPhone is turned on so you can locate, lock, or erase your device if it is ever lost or stolen
  • Use a unique, strong password — your Apple ID password should not be the same as any other account. If you have been reusing passwords, now is the time to change it

Apple ID 2FA and Apple account recovery

One important thing to understand: because Apple makes 2FA nearly permanent (you cannot disable it after 14 days), you should take recovery seriously.

If you lose access to all your trusted devices and your trusted phone number, getting back into your Apple account requires Apple’s account recovery process. This can take several days because Apple deliberately slows it down to prevent unauthorized access.

To avoid this situation:

  • Always keep your trusted phone number up to date
  • Add more than one trusted phone number if possible
  • Keep at least one trusted device accessible
  • Store your Apple ID password in a password manager

Frequently asked questions

Is Apple ID two-factor authentication the same as two-step verification?

No. Apple used to offer an older system called two-step verification, but it has been replaced by two-factor authentication, which is more secure and built directly into iOS and macOS. If you were using the old two-step verification, Apple has likely already migrated you to the newer system.

Can I turn off Apple ID two-factor authentication after enabling it?

In most cases, no. Once you enable two-factor authentication on your Apple ID, Apple gives you a 14-day window to turn it off. After that period, it becomes permanent. Apple considers 2FA essential to protecting your account and does not allow disabling it after the grace period.

What happens if I lose all my trusted Apple devices?

You can use the trusted phone number you registered during setup to receive a verification code via text or phone call. If you cannot access that either, Apple has an account recovery process that may take several days. This is why adding a trusted phone number during setup is critical.

Does Apple ID 2FA work without an internet connection?

Yes. Your trusted Apple devices generate verification codes locally, without needing an internet connection. The codes appear in Settings on your device even when you are offline. You only need connectivity on the device where you are trying to sign in.