When it comes to protecting your accounts, the general consensus is to use two-factor authentication, which traditionally uses a unique six-digit code that gets replaced every 30 seconds. If you want to keep hackers away, it’s a big help...but the process isn’t seamless. You often need a third-party app, and you might lose access to all your passwords if you lose your phone or the app itself.
With the new Passwords app in iOS 18 (currently in developer beta), Apple is making the process of singing up for and using 2-factor authentication even simpler. You can set up two-factor natively on your iPhone, iPad, or Mac, and since it’s linked to your iCloud account, it’s secure, supports autofill, and you’ll never lose access to it. Not to mention, it’s free to use.
Plus, the Passwords app now has a dedicated section for Codes, where all your two-factor codes are listed together. The app also makes it easy to copy and paste codes even for apps that don't support the autofill feature.
To be clear, this built-in authenticator is different from your Apple ID’s two-factor authentication settings. The latter sends a code to one of your trusted Apple devices when trying to log into your Apple ID. This new feature, however, is for third-party services that require an authenticator app.
How to set up two-factor authentication in Passwords app
To set up two-factor authentication for a website or an app using the new tools in iOS 18, you’ll first need to install the iOS 18 beta using the instructions here. Then, you'll need to add two-factor authentication for that site or app to the Passwords app. The steps for doing this are almost the same for all websites and apps, although the wording might differ.
Navigate to the passwords section in the site or app you're using, then choose its two-factor authentication option. Copy the code that the app or website gives you. Open the Passwords app, then add the code for the login page and authenticate.
For example, let's set up two-factor authentication for the Instagram app. Open the Instagram app, go to your Profile and tap the Menu button. Here, choose Accounts Center > Password and Security > Two-Factor authentication and choose your Instagram account.
Choose Authentication App as an option, then tap Next. Now, the Instagram app will show you a unique key. Tap on the Copy Key button to copy it to your clipboard.
Then, open the Passwords app and find the entry for your Instagram account. Tap the Edit button from the top, then choose the Set Up Code option.
From the popup, paste the code key and tap Use Setup Key. Tap the Done button to save. Now, you'll see the six-digit verification code that changes every 30 seconds. Tap on the code, copy it, and switch to Instagram. Here, enter the code that you just copied, then tap the Next button.
Once authentication is complete, two-factor authentication will be enabled on the account. You can then choose to view and copy a list of backup codes, which can bypass two-factor authentication and which you'll want to keep on hand in case of emergency. When you're ready, tap the Done button.
That’s it. Your two-factor authentication is set up. The next time you need to log in to the account, you’ll see a suggestion to paste in the two-factor authentication code right above the keyboard.
And if you are using a third-party browser or app that doesn't support autofill, you can simply open the Passwords app and go to the Codes section to quickly copy the six-digit code.