Apple ID (account locked)

With two-step verification enabled for your Apple ID, you don’t need to create or remember any security questions because your identity is exclusively verified using your password, verification codes sent to your trusted devices and your Recovery Key.

The added layer of security is a tremendous convenience, but with great power comes great responsibility and I can’t stress enough how crucial it is to ensure you never forget where you stored your Recovery Key. As Owen Williams of The Next Web learned the hard way, they’re calling it “Key” for a good reason.

Losing your Recovery Key puts you at risk of being locked out of your Apple ID if Apple’s temporarily disabled it as a security precaution because someone’s tried to hack it.

Apple cannot grant you access back into your Apple ID. This is by design: the system’s been engineered in such a way so that only you can regain access to it. And in order to do that, you absolutely need a Recovery Key.

Here’s what to know about securing your Apple ID with two-step verification.

It boils down to storing your Recovery Key in a safe place because you never know when someone could try entering an incorrect Apple ID password.

That someone could be you.

As Apple’s support document states, you’ll be locked out of your Apple ID temporarily should your password be incorrectly entered too many times.

Two-step verification is easy to use.

As shown further below, any time you sign in to manage your Apple ID at the My Apple ID website, sign in to iCloud.com or make an iTunes, iBooks or App Store purchase from a new device, you’ll need to verify your identity by entering both your password and a 4-digit verification code.

As Apple notes, “After you turn it on, there’s no way for anyone to access and manage your account other than by using your password, verification codes sent to your trusted devices, or your Recovery Key.”

9748-1645-140630-iCloud-2-Step-l

But what if you or someone else made numerous attempts to log into your Apple ID using an incorrect password? Nothing extraordinary: as a security precaution to protect your data, Apple will temporarily disable your Apple ID and require that you unlock it with your Recovery Key.

What some folks don’t seem to understand is that with two-step verification enabled and your Apple ID temporarily disabled for security reasons, Apple’s password recovery service available through the iForgot website is useless because there’s no way back in without your Recovery Key.

Therefore, not misplacing your Recovery Key is an absolute priority, a lesson Williams has learned the hard way.

“I had no idea where my Recovery Key was or if I’d ever even put the piece of paper in a safe place,” Williams wrote. “I’ve moved since I set up two-step verification” he writes.

Williams went on to call Apple Care, to no avail.

“We take your security very seriously at Apple,” a customer support representative told him “but at this time we cannot grant you access back into your Apple account. We recommend you create a new Apple ID.”

Indeed, as Apple’s FAQ states in plain language, “Apple Support can help you with other aspects of your service, but they aren’t able to update or recover” your Apple ID credentials.

There are no two ways around it. “Only you can reset your password, manage your trusted devices, or create a new Recovery Key,” the doc reads.

apple two-step

Noting he was on the verge of “losing my digital life,” Williams eventually recovered his Recovery Key from a Time Machine backup and used it to regain access to his Apple ID.

I’m aware this isn’t exactly breaking news and that Williams’s post only highlights that Apple’s systems actually work as designed. That being said, I thought it would be helpful to clear up any confusion stemming from enabling two-step verification and then losing your Recovery Key.

Our step-by-step instructions on enabling two-factor verification should get you up to speed quickly. In order to receive verification codes on any iOS device, Find My iPhone must be turned on.

Lost your Recovery Key?

Not to worry, just visit My Apple ID, choose “Manage your Apple ID” and sign in with your password and trusted device. Then hit “Password and Security” and click “Replace Lost Key” under the Recovery Key section. Keep in mind that creating a new Recovery Key renders the old one obsolete.

By the way, should you forget your Apple ID password you can always reset it at My Apple ID using your Recovery Key and one of your trusted devices.

Let Williams’s example be a constant reminder to everyone using two-factor verification: your Recovery Key should be absolutely stored in a safe place. Losing it puts you at risk of being locked out of your Apple ID if you or someone else entered your password incorrectly one too many times.

Apple ID (unlock, Recovery Key)

And don’t you ever store your Recovery Key on an iOS device.

Say I steal your iPhone and retrieve the Recovery Key you foolishly stored in 1Password or what not. Now I have the keys to your kingdom and can access all the apps and media you’d purchased on iTunes, use your iMessage and FaceTime, access your iCloud files and data — everything!

For the same reason, avoid adding any email account associated with your Apple ID to your device to prevent a thief from resetting your password. Another tip worth remembering: don’t associate your Apple ID with throwaway email addresses.

I myself use two-factor verification with an associated email created just for Apple ID. I will never add that email to iOS or Yosemite nor will I access it through email clients or any app for that matter outside a desktop browser in a private browsing mode.

Again, you and only you — not Apple — are entirely responsible for remembering your password, keeping your trusted devices physically secure and keeping your Recovery Key in a safe place.

two-step 6

“If you lose access to two of these three items at the same time, you could be locked out of your Apple ID permanently,” Apple underscores. If that’s not a wake up call to anyone who forgot where they stowed their Recover Key, I don’t know what is.

At the time of this writing, two-step verification was available in the following 59 countries: Argentina, Australia, Austria, Belgium, Bolivia, Brazil, Canada, Chile, China, Colombia, Costa Rica, Denmark, Dominican Republic, Ecuador, El Salvador, Finland, France, Germany, Greece, Guatemala, Honduras, Hong Kong, India, Indonesia, Ireland, Israel, Italy, Japan, Korea, Luxembourg, Macao, Malaysia, Mexico, Netherlands, New Zealand, Nicaragua, Norway, Panama, Paraguay, Peru, Philippines, Poland, Puerto Rico, Portugal, Russia, Singapore, South Africa, Spain, Suriname, Sweden, Switzerland, Taiwan, Thailand, Turkey, United Arab Emirates, United Kingdom, United States, Venezuela and Vietnam.

When the feature goes live in your country, it’ll automatically appear in the Password and Security section of your account when you sign in to My Apple ID.

  • Brandon

    Honestly, anyone that complains about this is stupid. If you lost your recovery key, you’re just dumb. When you set up 2 step auth, Apple even makes sure you’ve written down your recovery key somewhere.

  • Jonathan

    Hmm.. I don’t use two-step verification. Should I? I mean, I have a passcode on my devices, a good password to my account, and so forth.

    • Never really understood it. I try to login to appleID on my iPhone, get a text on my iPhone.. this is only useful if you got more than one device. Doesn’t hurt much to have on, since it’s not required every time.

      • Jonathan

        I have 3 devices, so I suppose I could do it.

  • chjode

    So you’re saying that not knowing my account unlock passcode means I can’t unlock my account? Shocker.

    Save your stuff in KeePass, LastPass, OnePassword, etc.

  • Blip dude

    I don’t use 2-step verification

  • Warmachine69

    This has been on for a long time. All these post on various web sites about this is kinda random!

  • Mark Kramer

    don’t use it

  • Andrew

    My mom and I keep each other’s Recovery Keys on our devices in 1Password, e.g. I keep hers and she keeps mine. Two completely unassociated accounts, and it is simply labelled “Recovery Key” in the 1Password note.

  • Ken

    this has happen to in real life. i contact the service provider and was able to get my phone back to normal. i did lost my recovery key and not for a stupid reason. it happens. just letting y’all know that contacting your phone provider will unlock the phone without the recovery key

  • WolfgangHoltz

    Apple shouldn’t be allowed coding security solutions.
    They have invested so much money in iOS security and the only iDevice not jailbroken is AppleTV 3. Put that in your CV Apple.

  • Joshua The-Legend Wiebe

    I’ve noticed there’s a glitch with the 2 step verification, theres been times where you need to input the code in the registration setup and the code will not be typed in (as it normally does) even sms won’t work because the device cannot access messages if you havn’t registered it yet, then after trying to get the code to be typed in, it locks you out for too many invalid attempts. Apple needs to fix this as this can happen to many people and not everyone would have their recovery key on hand.

  • AmitMargalit

    I can’t use 2- step verification because I forgot my security questions… Can someone be of any help?