Apple Watch Can Display Apple ID Verification Codes Starting in watchOS 6

[MacRumors]

Starting in watchOS 6, the Apple Watch has become a trusted device for Apple ID authentication purposes.

When you or someone else signs in to your Apple ID on a new device or browser, the Apple Watch will automatically alert you, complete with an approximate location of the person. If the sign-in attempt is allowed, a six-digit verification code will then appear to be entered on the new device or browser.

Something I haven't seen before watchOS 6: the Apple Watch can now receive and display Apple ID Verification Codes as a trusted device for 2-factor authentication. pic.twitter.com/Oin8AbYEDc - Jeremy Horwitz (@horwitz) June 10, 2019

This functionality has been available on iPhones and iPads since iOS 9, and on Macs since OS X El Capitan, for Apple ID accounts with two-factor authentication enabled. Now, users simply have one more option in the Apple Watch.

Article Link: Apple Watch Can Display Apple ID Verification Codes Starting in watchOS 6

 

[BeyondtheTech]

About friggin' time.

Will it also do parental approvals for family purchases?

 

[Crzyrio]

Yesssss!

I have been waiting for this for quiet some time now. I am assuming the priority of this jumped up their charts with the 'Sign in With Apple' feature,

 

[PastaPrimav]

It is unbelievable how annoying they've managed to make 2-factor authentication.

I have never ever once logged in as myself on a "foreign" machine that is not one that is owned by me and under my exclusive control, yet I'm forced to deal with Apple's 2-factor all the time. Seemingly every time I log in to my developer account or any Apple domain in Safari. "Trust" this browser? Yeah, my ass. Until the very next time I log in.

What we need is an authentication-free experience when we've sufficiently proven that we are in fact the person using the machine. Unlocking the Mac with Apple Watch should be the key. After that, I should not be forced to provide authentication of any kind, (unless I opt to enable app per app in settings).

It is absurd that they haven't taken the steps to embrace this more. Unlocking with Apple Watch is more than enough to prove that it is my sitting at the machine, and I shouldn't need to enter passwords anywhere, let alone deal with 2-factor.

 

[kwokaaron]

watchOS 6 looks better and better. Noise app, the app store, authentication for Mac (no need for entering password when installing apps etc) and now this!

 

[dannyyankou]

This is a lot better than hitting “allow” on your phone and trying to memorize it.

 

[konqerror]

It is absurd that they haven't taken the steps to embrace this more. Unlocking with Apple Watch is more than enough to prove that it is my sitting at the machine, and I shouldn't need to enter passwords anywhere, let alone deal with 2-factor.

Yeah, Microsoft managed to do this far better for years now. You sign in once through Windows Hello and it handles native Windows sign-ins and Microsoft properties through Edge. The latest update of Windows 10 extends this to third-party sites via FIDO2. All TPM bound so it's like a dongle.

Apple is the only company who requires you to type in a stupid number, everybody else, Microsoft, Google, Duo, just have you press OK on the authentication notification.

 

[PastaPrimav]

This is a lot better than hitting “allow” on your phone and trying to memorize it.

OR even better....hitting Allow on the same Mac you're logging in on, that wants you to prove that it is you.

 

[Zachari]

It is unbelievable how annoying they've managed to make 2-factor authentication.

I have never ever once logged in as myself on a "foreign" machine that is not one that is owned by me and under my exclusive control, yet I'm forced to deal with Apple's 2-factor all the time. Seemingly every time I log in to my developer account or any Apple domain in Safari. "Trust" this browser? Yeah, my ass. Until the very next time I log in.

What we need is an authentication-free experience when we've sufficiently proven that we are in fact the person using the machine. Unlocking the Mac with Apple Watch should be the key. After that, I should not be forced to provide authentication of any kind, (unless I opt to enable app per app in settings).

It is absurd that they haven't taken the steps to embrace this more. Unlocking with Apple Watch is more than enough to prove that it is my sitting at the machine, and I shouldn't need to enter passwords anywhere, let alone deal with 2-factor.

You are spot on friend. They need to get this in check, or even integrate it into Sign in with Apple.

 

[Braderunner]

Yes!...Yes!...and, Yes!

 

[macduke]

So I can pay for stuff with my Apple Watch without having to do anything and use it to unlock my Mac, but I have to punch in a code I read off my wrist? Why can't it just send a signal to my device to approve it? Better yet, why can't being on your Mac and signed into iCloud on a logged-in device (past the passcode/login screen) already be enough authorization to sign in to a website? I thought Apple was all about ease of use and having proprietary system integration in their apps. At the least it should work with Safari.

About friggin' time.

Will it also do parental approvals for family purchases?

Would also be great for approving/denying additional time on their iPad.

 

[MisterSavage]

Long overdue but glad it's coming!

 

[Crowbot]

I know it’s been a bit annoying but, honestly, I’d rather err on the side of security. But I’m happy to see the Watch as a trusted device.

 

[nburwell]

Finally! Very much overdue. I never understood why I couldn't get the Apple ID verification code on my Watch when it goes to my iPhone and iPad.

 

[Mobster1983]

OR even better....hitting Allow on the same Mac you're logging in on, that wants you to prove that it is you.

This is my favorite. And the code popping up in a separate window on the SAME device!!!

 

[Mac 128]

Finally! Very much overdue. I never understood why I couldn't get the Apple ID verification code on my Watch when it goes to my iPhone and iPad.

It should have been a high priority.

I had a friend who’s phone was stolen while on vacation in Europe last year, bought a new iPhone and tried to access iCloud to restore his contacts, and needed a verification code.

He called Apple customer support, and they told him he needed a trusted device, that his Apple Watch couldn’t be used, and that he should have brought a Mac or iPad on vacation with him. Ridiculous.

I have to wonder how many calls like that they’ve gotten.

 

[Shirasaki]

It is unbelievable how annoying they've managed to make 2-factor authentication.

I have never ever once logged in as myself on a "foreign" machine that is not one that is owned by me and under my exclusive control, yet I'm forced to deal with Apple's 2-factor all the time. Seemingly every time I log in to my developer account or any Apple domain in Safari. "Trust" this browser? Yeah, my ass. Until the very next time I log in.

What we need is an authentication-free experience when we've sufficiently proven that we are in fact the person using the machine. Unlocking the Mac with Apple Watch should be the key. After that, I should not be forced to provide authentication of any kind, (unless I opt to enable app per app in settings).

It is absurd that they haven't taken the steps to embrace this more. Unlocking with Apple Watch is more than enough to prove that it is my sitting at the machine, and I shouldn't need to enter passwords anywhere, let alone deal with 2-factor.

Yes. Until now, I am still highly skeptical to even consider enabling 2FA. I see more and more cool/niche/somewhat useful features now require 2FA to work and it is designed for people to securely login their Apple ID. But, given Apple never inform user to unpair Apple Watch BEOFRE erasing their devices (thought they should’ve done this by now), I have forgot to unpair watch before erasing several times, including the first three weeks that I was exchanging my iPhone and iPad for various reasons (within 14 days window). Since I don’t have a second number, I am extremely worried that Apple will not inform me to deactivate the device on 2FA Before erasing my device and bam. The account access is locked since I have no sufficient methods to verify my identity.

watchOS 6 looks better and better. Noise app, the app store, authentication for Mac (no need for entering password when installing apps etc) and now this!

This leaves with one question: how many of those features are watch series 4 and above exclusive? Noise app is not available in watch series 3 for sure.

 

[Jamesk811]

“Trust this browser” will only work if you don’t have any cookies blocked.

It is unbelievable how annoying they've managed to make 2-factor authentication.

I have never ever once logged in as myself on a "foreign" machine that is not one that is owned by me and under my exclusive control, yet I'm forced to deal with Apple's 2-factor all the time. Seemingly every time I log in to my developer account or any Apple domain in Safari. "Trust" this browser? Yeah, my ass. Until the very next time I log in.

What we need is an authentication-free experience when we've sufficiently proven that we are in fact the person using the machine. Unlocking the Mac with Apple Watch should be the key. After that, I should not be forced to provide authentication of any kind, (unless I opt to enable app per app in settings).

It is absurd that they haven't taken the steps to embrace this more. Unlocking with Apple Watch is more than enough to prove that it is my sitting at the machine, and I shouldn't need to enter passwords anywhere, let alone deal with 2-factor.

 

[MRrainer]

I admit I rarely log into iCloud. And even then, it's not such a big deal to enter those numbers.

We already have two different "things" at work that require TFA (via FreeOTP) and I find that for more annoying (because I use it often and the session times out after a couple of hours).

 

[mannyvel]

My Apple ID is at this point one of the more valuable logins that I have, so security things don't really bother me. Having Apple's 2FA on the watch is nice, but ideally they should also support the google authenticator style 2fa (TOTP/HOTP). It would bypass that "I lost all my apple devices" problem and is marginally less secure than the all-Apple solution.

 

[allenvanhellen]

It is unbelievable how annoying they've managed to make 2-factor authentication.

I have never ever once logged in as myself on a "foreign" machine that is not one that is owned by me and under my exclusive control, yet I'm forced to deal with Apple's 2-factor all the time. Seemingly every time I log in to my developer account or any Apple domain in Safari. "Trust" this browser? Yeah, my ass. Until the very next time I log in.

What we need is an authentication-free experience when we've sufficiently proven that we are in fact the person using the machine. Unlocking the Mac with Apple Watch should be the key. After that, I should not be forced to provide authentication of any kind, (unless I opt to enable app per app in settings).

It is absurd that they haven't taken the steps to embrace this more. Unlocking with Apple Watch is more than enough to prove that it is my sitting at the machine, and I shouldn't need to enter passwords anywhere, let alone deal with 2-factor.

No password at all? Are you nuts?

 

[haruhiko]

This is my favorite. And the code popping up in a separate window on the SAME device!!!

Yeah security my ass. This is more laziness than security.

 

[SluggerJ]

I can't believe it toke Apple this

 

[ErikGrim]

I wish they'd fix the "device near x", when it frequently shows the x to be on the other side of the continent.

 

[Boatboy24]

About friggin' time.

Will it also do parental approvals for family purchases?

Thank you! Getting the notification about the request is worthless if I can't do anything with it (aside from getting up to go find my phone).