It looks like two-factor authentication is becoming the next big widely-accepted step in keeping accounts secure. Apple is the latest company to join the likes of Google, Facebook and LastPass in offering two-factor authentications for users accounts. You can enable two-factor authentication to keep your Apple ID account more secure.
The two-factor authentication kicks in whenever you do one of the following: sign in to My Apple ID to manage your account, Make an iTunes, App Store or iBookstore purchase from a new device, or get Apple ID-related support from Apple.
Every time you do one of these things, you get a verification code on a trusted device. In Apple's terms, a trusted device is one you control and which can receive 4-digit verification codes using either Find my iPhone or SMS to verify your identity. You will need to enter both your password and a 4-digit verification to do any of the aforementioned things.
Follow these steps to use your two-factor authentication code
To enable two-factor authentication, you have to go to the Apple ID website, go to “Manage your Apple ID” and sign in, select “Password and Security” and select Get Started under Two-Step Verification. The on-screen instructions will guide you through the rest of the process.
You can manage your account or make purchases as usual after you sign in and verify your identity with the two-factor authentication. In case you lose access to your “Trusted Device”, you also get a 14-digit Recovery Key that you can use to log in to your account. The Recovery Key also works in case you forget your password, and once you set up the two-factor authentication, you don't have to set up or remember any security questions.
Two-factor authentication is important as the code you get on your trusted device is randomised. This prevents people who don't have access to your device from logging into your account and spending money from a credit or debit card that you may have linked to your Apple ID for App Store and iTunes purposes.
Ideally, Apple recommends that you verify all SMS-enabled phone numbers that you typically use with your iPhone or any other phone. The company also recommends that you verify an SMS-enabled phone number used by someone close, like a spouse or other family member, in case you don't have access to your verified phone number.
In case you lose your Recovery Key, you can replace it at any time by going to My Apple ID and picking Replace Lost Key in the Password and Security Page of your Manage your Apple ID page.
The two-factor verification isn't a one-way street. You can turn it off at any time using the steps that Apple has provided on its support page.