What should you do when two-step authentication is not available for your Apple ID?
When Apple introduced two-step authentication for Apple ID my first thought was "Finally, the fruit company takes security seriously". But, as I've come to learn, that's not entirely accurate for everyone as the new feature is only available for users living in Australia, Ireland, New Zeeland, United Kingdom and United States. What if you're living in Canada or Germany? Well, tough luck, you can't use it. But what can you do?
Wired's Mat Honan is probably the best known Apple user to have fallen prey to Apple ID account hacks. Honan tells an alarming story, about habit and comfort (dare I say oversight) leading to having one's virtual identity shred into pieces. But two-step authentication cannot be forcefully enabled, so what can you do while waiting for Apple to support your region and mobile operator? You can still take some precautions that will secure your Apple ID account.
First thing you should do is sign in to My Apple ID using your credentials (Apple ID and password). Then let's tackle a couple of security steps one by one.
Use a Dedicated Email Address
This may seem like a no-brainer, but one of the most important steps that you can take to beef up the security of your Apple ID account is to use a dedicated email address. This can be achieved from the "Name, ID and Email Addresses" menu.
Preferably, the email address that links to your Apple ID account should have two-step authentication enabled (like Gmail currently allows) and must not be used to sign in to Facebook, Twitter or other cloud services. You should also add an alternate and rescue email address, as a precautionary measure.
Change the Password
Even though security experts recommend changing the password for every account on a frequent basis, few users really do it. The reasons why may range from being lazy to not caring, but as some have come to learn the damage can be irreparable.
So head over to "Password and Security", input the answers to the two security questions and change your password. Preferably you should use a complex one containing both capital and small letters, numbers and special characters, like "P4$$w0rd" instead of "Password" or "8374N3w$" instead of "BetaNews" (but please choose more difficult words or combinations to break).
Alternate Security Questions and Answers
Apple has a thing for security questions. The company wants users to add them when setting up a new account or for existing ones, and for good reason. Security questions are, at least in theory, a safety net against hackers. The only problem is that people tend to use obvious answers and not change or alternate the security questions over time.
Use "Password and Security" to add answers to security questions that only you would know how to respond to. And alternate the security questions and answers at least once a month. It may take a couple of minutes (maybe 15 minutes tops) but you will have a more secure Apple ID account afterwards.
Other Security Measures
Make sure all your contact information is accurate. This includes name, primary and shipping addresses and phone numbers (daytime, evening phone and mobile phone). You should also have it written somewhere else, hidden from prying eyes, in case of emergency (your Apple ID account got hacked for example) in case you can't remember everything.
Also, use your Apple ID to only sign in to secure sites such as My Apple ID or to only authenticate yourself on Apple-branded devices such as iPad or iPhone. It's best to compartmentalize rather than regret the mistake later on.