How to extract data from a 2FA iCloud account

We're massive fans of two-factor authentication (2FA) here at Reincubate, as it's a fantastic way for every iPhone user to protect their data. There's no cost to use it, and Apple make it easy to set up. We strongly recommend people enable it.

Can I download data from iCloud if two-factor authentication (2FA) is activated?

Our services are fully compatible with 2FA and encryption.

If you have two-factor authentication option enabled on your iPhone and you want to download your iCloud backup data data -- or account data, like your iCloud Photo Library or call history -- that's great: iPhone Backup Extractor will prompt you for your 2FA code as appropriate. You'll need a trusted device to ensure you can get the code, but that makes sense.

In this article we're going to cover off how to get data from 2FA-protected accounts, and then go into a little more detail on what two-factor authentication is, and how it works.

Getting 2FA data with iPhone Backup Extractor

Our app iPhone Backup Extractor will let you download or view any iCloud backup data on your account, along with any other iCloud data available. It'll also enable you to read data from regular iTunes backups. Here's how you can wire it up:

1. Download the iPhone Backup Extractor (works on Windows and Mac) and install it on your computer. You'll need a license for iCloud support.

2. Open the application, click on "Click here to add an iCloud account".

3. Enter your iCloud login details. If you enter them correctly, you'll be prompted to perform a 2FA challenge, Select "Challenge all your devices", click on the "Challenge" button then go to your device and click “Allow”.

4. The Apple ID verification code will appear on your phone. Don’t click "OK" because the code will disappear.

5. Enter the verification code into iPhone Backup Extractor -- as you can see in the image below -- then click on “Submit”.

6. That's it -- you're in. iPhone Backup Extractor will let you access your data as usual.

You’ll find we've got a guide for downloading iCloud data which includes more detail. Follow the instructions and you will be able to download and extract your messages, images, videos, apps data, so on...

What is two-factor authentication (2FA)?

Two-factor authentication (2FA) is a security feature that was introduced by Apple to protect iCloud accounts, back during the release of iOS 9 / macOS El Capitan. It's designed to prevent access to an account, even if the password is known by others.

Two-factor authentication (2FA) allows access to iCloud accounts only for devices you trust (a device you own and have access to). The password is useless if an attacker, for example, doesn’t have access to your trusted devices, and a key to use them.

This security feature was implemented after another protection technology used by Apple and called two-step verification (2SV).

Why are additional authentication steps necessary?

Is a password not enough to protect your sensible iCloud data? The answer is no.

Even if your password is long and complex, there's always a possibility that it can be guessed or stolen. If your computer is infected by a virus, it's possible that it could intercept your password. In this situation, no one can be 100% sure that their account isn't accessed by a third-party.

There are three types of authentication factor:

• Based on something you know (a password, for example)
• Based on something you have (a device, in this case)
• Based on something you know and at the same time have

Why should you activate two-factor authentication (2FA)?

The security risks are increasing every day. Attackers may want to steal private data or credentials (credit card data for example).

The celebrity iCloud photos leaks underscored how simply a password alone isn't enough to always keep your data safe. As the FBI and Apple discovered, this attack was possible with targeted attacks against the emails associated with the iCloud accounts of these celebrities.

The hackers emailed their victims fake "security alerts" about the iCloud, requesting that they change their passwords, and directing them to a fake iCloud site. The victims then entered their existing passwords there, thinking they were about to change them. This gave the hackers everything they needed to gain access to those accounts.

With two-factor authentication (2FA) activated, access based on the password alone becomes impossible. That’s why we recommend it so emphatically.

How does 2FA work?

Two-factor authentication (2FA) works in this way:

1. If the user wants to get into his account, they need to enter their username and the password as usual

2. If the credentials are correct, the user will receive a code on all the trusted devices associated with their account. Instead, a signal is sent to each device, prompting each one to generate a code and show it on the screen.

3. The code from the device entered into the 2FA login prompt from iCloud. If the code supplied is valid, access to the iCloud account will be granted. If you confirm the message from the screen, the browser used for access and the device will become trusted and can be utilised without any two-factor authentication (2FA) verifications in the future.

What's the difference between 2SV and 2FA?

The main differences between these verification methods are:

• Two-step verification (2SV) requires choosing a particular trusted device to be challenged, and this will be the device that receives the code. The code will be four digits long.
• Two-factor authentication (2FA) challenges all trusted devices. When a trusted device is challenged with 2FA, it doesn't receive a code directly from Apple's servers: instead it receives an instruction to generate the code itself. These codes are six digits long

Two-step verification (2SV) works this way:

1. When the user wants to access their account they enter their username and the password as usual

2. The user receives a call or SMS with a password or code. The access code is sent to a previously confirmed device (usually registered when the account was made).

3. The code should be entered into the login form within a short period of time. If the code expires because it wasn't entered in time, a new code will be needed.

How to activate 2FA

To activate two-factor authentication on your devices and iCloud account you should follow the next steps:

For macOS:

1. Click the Apple menu, choose System Preferences, tap on iCloud and access Account Details

2. Once here, select the Security option

3. Go to Two-Factor Authentication and choose Turn on

For iPhone, iPad or iPod touch (iOS 9 or later):

1. Click on Settings then choose iCloud and select your Apple ID

2. Tap Password & Security

3. Select Two-Factor Authentication then tap Turn on

How to get an Apple ID verification code on your devices?

Once you have 2FA activated, you've three options in order to get an Apple ID verification code on your devices:

1. Generate a code using one of your devices. The advantage of this method is that you don’t need to be online to get the code. Depending on your operating system or device you should follow the next steps.

   • For iOS 9 devices and above: Click on Settings and choose iCloud then select your Apple ID username. If the device is online, select Password & Security then Get Verification Code. If the device is offline, click on "Get Verification Code" and the code will be generated.

   • For Mac with OS X El Capitan: Go to Apple Menu, select System Preferences, choose the iCloud option then click on Account Details. If the device is offline, click onGet Verification Code, if is online tap Password & Security then Get Verification Code.

2. Sign in with one of your confirmed devices or access the iCloud. You’ll receive a notification with the Apple ID verification code on your trusted devices (you should tap "Allow" to do this).

3. Receive a call or SMS with the Apple ID verification code, even if you don’t have a trusted device with you. The code is sent to your trusted phone number, confirmed in advance. To do this click on Didn't get a verification code on your sign-in screen and choose to receive the code on your confirmed phone number. Then check your messages or respond to the phone call from Apple

If you have any questions on 2FA or securing your iCloud account, please drop us a note. We're happy to help.