2.1.1.4 Audit Security Keys Used With AppleIDs

Information

Apple introduced the capability of using security keys to protect Apple IDs with two-factor authentication in macOS Ventura 13.2, iOS 16.3, and iPadOS 16.3. This feature, along with the purchase of two hardware tokens (a backup device is required), protects against the compromise of Apple IDs. It requires all devices using an enrolled Apple ID to meet the minimum OS standard.

Users of Apple devices sign in with the same Apple ID on each device so that data is shared both in iCloud and across their devices. This makes Apple IDs a very attractive target for attackers seeking unauthorized access to iCloud storage and user devices. Two-factor authentication reduces the risk.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Graphical Method:

Perform the following steps to set Security Keys to your organization's requirements:

- Open System Settings
- Select Apple ID
- Select Password & Security
- Select Add.. to add a security key, or Remove All Security Keys to remove security keys, to meet your organization's requirements

Impact:

It will be challenging to ensure that legacy devices and test machines are all running recent operating systems that can utilize Security Keys. It is best practice not to use Apple IDs with access to current user data on legacy and test machines. Technical staff who use legacy devices are encouraged to create additional Apple IDs that do not need two-factor protection and can be used for testing on legacy devices when required.

See Also

https://workbench.cisecurity.org/benchmarks/15550

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1), CSCv7|4.4

Plugin: Unix

Control ID: f47372d288a93e5f198f1c89d925cecdb1c93dd31c7a0e6f26a442e492a0ef2b