Use the built-in iOS 15 authenticator as a secure 2FA method for all your accounts

Most websites and apps support two-factor authentication (2FA), which adds an extra layer of security to your accounts by requiring another form of identification besides a username and password. The second factor could be a recovery code, a physical security key, or a one-time password (OTP) that only you have access to, even if someone else has your password. This process is easier than ever with iOS 15.

Many people prefer SMS codes as their two-factor authentication method, in part because almost every account that supports two-factor authentication supports it by default. When you log in, you receive an SMS code to your phone number and you paste it where required to authenticate your login. Your iPhone makes this even more convenient with its Autofill feature, which can automatically upload a verification code to a website or app without you having to copy or type it.

Why You Should Use the Authenticator App

Push notifications, emailed PINs, and SMS-based verification codes are not reliable. Hackers can easily intercept, spoof, or phish to obtain codes, and they can even socially engineer the information needed to obtain codes from the carrier itself (SIM swap scams are a common attack vector).

While a physical security key is the best way to secure your accounts, authenticator apps are another great thing, providing much better security than push, email, and SMS codes. Authenticator apps generate codes on your phone every 10-15 seconds and you must use it to sign in before it expires. If a hacker tries to access your account but doesn’t have your phone, they won’t be able to log in.

Google Authenticator, Microsoft Authenticator, LastPass Authenticator can all be used as your authenticator app, but Apple has built its own authenticator in iOS 15 and you don’t even have to worry about installing another app.

What does the Apple Authenticator highlight?

Let’s say you have enabled 2FA for Facebook through Google Authenticator on your iPhone. If you lose your iPhone, you will lose Google Authenticator along with it. Because of this, accessing your Facebook account can become a major headache that you may not be able to cure.

The built-in Apple Authenticator can sync with your iCloud so it’s available on all devices connected to your Apple ID. This means you can use your iPad to access Facebook or Instagram even if you lose your iPhone. The bottom line is, if you’re knee-deep in the Apple ecosystem, iOS 15’s built-in authenticator could be your lifesaver.

You can use the iOS 15 authenticator on any website or app that supports authenticator apps as a 2FA method. I’ll show you how to use the new feature by setting up 2FA on Facebook, but you can use authenticator verification codes on Discord, Dropbox, LinkedIn, and Twitter, just to name a few. The exact process for setting up and using authenticator codes for a website or app may differ from Facebook. However, it’s usually pretty intuitive if you’re familiar with the settings.

Open Facebook settings

First, open Facebook on your iPhone and sign in if you haven’t already. Then tap Menu at the bottom, select Settings & Privacy and open Settings.

Choose your preferred 2FA method

Now open “Password and Security”. If you see “Set up two-factor authentication”in the top recommendations, click on that. Otherwise, select “Use two-factor authentication”below the list. In the 2FA settings, select “Authentication Application”as your preferred security method and click “Continue”.

Choose how you want to customize it

You will now see a page with a QR code and a 32 digit code below it. From here, you can set up 2FA in three ways:

• If you are using your iPad or computer to set up 2FA, you can scan the QR code from this device with your iPhone. Go to step 5 for instructions.
• If you want to set up 2FA on the same device, click “Set up on the same device”and the “AutoFill”section of your iPhone’s “Password”settings will open. If your Facebook credentials are already saved, select them and skip to step 5. Otherwise, you’ll have to set them up first, as described in step 4.
• If you’re setting up on the same device, you can also click on the 32-digit code to copy it and then click Continue. You will need to enter a 6-digit verification code, but go to step 5 for more information.

Add your credentials to the settings app

If you already have Facebook credentials saved in the “Passwords”section of the Settings app, skip to step 5. Otherwise, go there now. You will need to use Face ID or Touch ID to access your saved passwords. Once there, click the plus (+) icon at the top, enter your Facebook credentials in the appropriate fields, and click Done. After that, you will see that your facebook.com credentials are now saved in the list.

Note. The password in the screenshot above is not shown because iOS hides all passwords in screenshots. This is one of those little things that you don’t always notice, but you can appreciate.

Scan the QR code or enter the verification key

If you copied the 32-digit verification code, go to Settings -> Passwords -> facebook.com, then click on Set up verification code under Account Settings. In the pop-up window, select Enter Setup Key, paste it, and click OK.

If you want to use a QR code from Facebook, you can select “Scan QR Code”in the pop-up window. You can’t take a screenshot of a QR code and scan it on your iPhone, so you’ll need another Apple device to get the QR code. So, log in to Facebook on your iPad or Mac and go to the QR code page from step 3. After you click “Scan QR Code”on your iPhone, point your camera at the QR code on the other device.

Verify your 2FA method with Facebook

You will now see a “Verification Code”displayed on the facebook.com password page in Settings. This six-digit verification code changes every 30 seconds. Click on the code, then select Copy Verification Code. Then go back to the 2FA section of the Facebook app and paste the code on the “Enter Verification Code”page.

Note. Like passwords, iOS hides verification codes here in screenshots. Changes happen every 30 seconds, so be sure to copy this code and paste it into the Facebook 2FA section within 30 seconds or the code will expire.

How to login with an authenticator code

Let’s say you’re logged into Facebook using your iPhone and iPad. These are recognized devices, and every time you log in through them, you won’t have to deal with 2FA.

Two-factor authentication is triggered when you or someone tries to access your account from an unrecognized device. When this happens, the website or app will prompt the person trying to access the account to provide a live code from the built-in iOS authenticator. Since only you have access to it, no one can access your account, even if they know your password.

If you’re trying to sign in to your account, iOS may offer a verification code, just like SMS codes, so you don’t have to go to Settings -> Passwords -> [website] to find the code.

2FA is very secure, but can be just as worrisome if you only have one Apple device. If you lose this device, you will permanently lose access to your Facebook. If you only have one Apple device, you may be better off choosing a different two-factor authentication method. Either that or set up an additional 2FA method.

How to disable 2FA

If you ever want to turn off two-factor authentication for your Facebook, you’ll need to do so first on the website or app before removing it from the Passwords section of the Settings app. If you remove it from iCloud first, you won’t be able to access the account unless you have the 2FA fallback method enabled.

For Facebook, go to Menu -> Settings & Privacy -> Settings -> Password & Security -> Use Two-Factor Authentication. Here you will see an option to turn off two-factor authentication. Just click “Turn Off”and you’ll need to enter your Facebook password for this to happen. You can then remove the item in the “Passwords”settings.