Last year after nude photos apparently stolen from various celebrities’ iCloud accounts began circulating on Reddit, Apple responded by telling people to enable a feature called “two-factor authentication.”
The idea is simple. When you try to log in to your iCloud account, Apple sends your phone a four digit code that you have to enter in addition to your password. That way, if someone only has your password, they can’t get in; they would also need physical access to your phone to hijack your account.
Two-factor authentication provides much better security than a password alone, and you really should enable it everywhere you can: Gmail, Facebook, Twitter, your bank. But there is one big problem with it: it’s really annoying. Every time you want to log in to a site, you have to get your phone out, unlock it, find the authentication code, and type it in. If you type too slowly, the code changes and you’ve gotta try again. For far too many people, this is just too big of a hassle, so they leave themselves open to attack.
