What you need to know
- Apple is making SMS-based one-time passwords more secure.
- Those passwords can be tied to a particular domain.
- That means Safari will check the codes came from a legit source.
Way back in January Apple's WebKit team suggested a new format for SMS one-time passcodes that would make them more secure. Now, Apple has announced that developers can already take advantage of the feature in a new post to its developer website.
According to the post, Apple will now allow developers to associate their one-time passcodes with a domain, allowing Safari on iPhone, iPad, and Mac to check the code is associated with the correct domain before offering to use AutoFill.
Apple calls this new feature "domain-bound codes" and it should prevent fake codes from being generated and then auto-filled by Safari.
Apple notes that this move doesn't mean standard codes will no longer be supported, however. They will be, but it does suggest that developers take advantage of the new domain-bound codes as well.
All of this kicks in when iOS 14, iPadOS 14, and macOS 11 Big Sur arrive this fall.
Developers can learn more about implementing the new codes on Apple's developer portal.
Master your iPhone in minutes
iMore offers spot-on advice and guidance from our team of experts, with decades of Apple device experience to lean on. Learn more with iMore!
Oliver Haslam has written about Apple and the wider technology business for more than a decade with bylines on How-To Geek, PC Mag, iDownloadBlog, and many more. He has also been published in print for Macworld, including cover stories. At iMore, Oliver is involved in daily news coverage and, not being short of opinions, has been known to 'explain' those thoughts in more detail, too.
Having grown up using PCs and spending far too much money on graphics card and flashy RAM, Oliver switched to the Mac with a G5 iMac and hasn't looked back. Since then he's seen the growth of the smartphone world, backed by iPhone, and new product categories come and go. Current expertise includes iOS, macOS, streaming services, and pretty much anything that has a battery or plugs into a wall. Oliver also covers mobile gaming for iMore, with Apple Arcade a particular focus. He's been gaming since the Atari 2600 days and still struggles to comprehend the fact he can play console quality titles on his pocket computer.