Your Apple ID is an account that’s worth guarding at all costs. Here are some simple steps you can take to secure it and make sure you can quickly recover it if the worst happens.

Why You Should Do This

Let’s suppose for a moment that you lose access to your Apple ID. This could be as part of a deliberate attack or due to you not having access to your password or a trusted device. Remember that two-factor authentication requires that you not only know your password but also provide a code to log in.

Suddenly, you lose access to any data you depend on in iCloud. This includes your iCloud Photos, Notes, Reminders, and iCloud Drive contents. You can’t make FaceTime calls or partake in iMessage conversations if you’re unable to log in. If you use an iCloud email account then your email is also out of action.

Apple has a process called Account Recovery that is designed for use by anyone who has set up two-factor authentication. The process requires a waiting period of around 72 hours and even requires that you avoid using devices connected to your Apple ID while you wait.

Though there are methods that Apple can use to speed up the process (like verifying payment information), this is less than ideal particularly if you use your account for work purposes. Setting up a recovery contact or generating a recovery key offers a way to expedite or bypass this process entirely.

This is enough to get you back up and running quickly if something goes wrong with your account.

Set Up a Recovery Contact

A recovery contact is someone that you nominate to verify your identity if you somehow lose access to your account. They can generate a six-digit code that you can use as part of the account recovery process to verify your identity.

The idea is that a recovery contact will know that you are indeed the person who owns the account. These people should only share this code if they are certain of your identity, so this works best either over the phone or ideally in person.

Since phone numbers and accounts can be hijacked, this process should not take place over SMS or other instant messaging protocols. You should be sure that the person understands this before you add them as a recovery contact so that the code isn’t given out in error.

A recovery contact won’t have access to your account or any of the data within. Their purpose here is to verify your identity should you ask them for a recovery code. They should always refuse to provide the code if they have any doubts.

To set up a recovery contact on an iPhone:

1. Launch Settings on your iPhone.
2. Tap on your name then select Sign-In & Security > Account Recovery.
3. Tap “ Add Recovery Contact” and then tap the “Add Recovery Contact” button in the pop-up and authenticate with Face ID or Touch ID.
4. Account Recovery will check to see if you have any outdated devices that need updating or removing from your account (see note below).
5. Nominate a contact you would like to use. Family Sharing groups will automatically suggest family members, who will automatically be added, whereas standard contacts will need to accept the request.
6. Wait for your contact to accept the request, after which you will see them appear in the Settings > Sign-In & Security > Account Recovery menu.

You can also set up an Apple ID recovery contact on an iPad or a Mac.

Some older devices may need to be updated or removed from your account because they fall short of the minimum required iOS feature to use this. Account Recovery will notify you of your options and whether you need to update an old device or remove it altogether.

Recovering Your Account With the Help of a Recovery Contact

Should you lose access to your account, you can get a code from your recovery contact:

1. Follow the instructions on-screen or at iforgot.apple.com to start the recovery process.
2. Reach out to your recovery contact either by phone or in person and tell them you need to recover your Apple ID.
3. Have them navigate to (System) Settings > Name > Sign-In & Security > Account Recovery.
4. Your name should be in the “Account Recovery For” section at the bottom of the screen.
5. Ask them to tap on your name and use the “Get Recovery Code” button.

Recovery contacts need to have an Apple device running iOS 15, iPadOS 15, or macOS Monterey or later. They will need to be using two-factor authentication and have a passcode or password on their device. They also need to be over the age of 13.

Set Up a Recovery Key

If you don’t want to use a recovery contact, you can opt instead to use a recovery key. This is a 28-character code that disables Apple’s standard Account Recovery process entirely. The only way to recover your account when you go this route is with another trusted device or your 28-character code.

This has the benefit of leaving you less exposed to social engineering attacks. For example, if an attacker manages to convince Apple or your recovery contact that they are you, your account could be compromised (admittedly, this is unlikely to happen).

It also places all of the responsibility for your account recovery in your hands. You can put copies of your 28-character code in multiple locations, but you should be sure to keep them safe.

If you lose your key and access to your account via a trusted device, you won’t be able to recover your Apple ID. If you’re concerned that this is a real possibility, we’d recommend the Recovery Contact method (above) instead.

To set up a recovery key:

1. Launch Settings on an iPhone or iPad or System Settings on a Mac.
2. Select your name followed by Sign-in and Security > Account Recovery.
3. Tap Recovery Key > Use Recovery Key (iPhone and iPad) or click “Manage” on a Mac.
4. Authenticate with your device passcode or password.
5. Record the recovery key displayed on the screen.
6. Confirm your recovery key to turn the feature on.

You can print your passcode and store it in a secure location, like a safe or a locked briefcase. You can give copies to trusted friends and family. You could put it in a text file on a USB flash drive and keep it in a drawer. You could tattoo it on the bottom of your foot (but we wouldn’t recommend it).

One thing you should definitely not do is store it in a location that might become hard to access if you lose access to your account. So don’t put it in your Apple Notes, in a document stored on iCloud Drive, in an email sent to your iCloud Mail address, and so on.

We’d also recommend obfuscating the true nature of the code. Perhaps don’t store it with a label saying exactly what it is, just in case someone finds it.

Just In Case

The good news is that with two-factor authentication enabled and good password practices, you’ll probably never need to recover your Apple ID. If you have more than one trusted device (like a Mac and an iPhone) you already have a failsafe way of getting access to your account should you need it.

Then again, you can never be too careful when securing your accounts.