I love two-step verification. I want it and I know a lot of folks do too. I've been using it for Google and other cloud-based services for years now. While Apple does offer it for some app purchases, it's time that Apple brings it to logging into iCloud.
Right now, I just get a lame e-mail like this.
This is useless in more ways than I can think of. First, if I'm not in front of a computer that allows me to log into a desktop based browser (it's not that I can't use it on my iPad or iPhone Safari. It just isn't optimized for them) to do get into the Apple ID page, it's useless. Second, there is no option for me to do something about it within the e-mail.
It's nice that I get a warning but doesn't help if I'm in no position to stop an unauthorized log-in.
By the time I log in, the hacker could have already log-in himself and have already changed my password and other credentials.
Now, the main impetus for me writing about this now is largely due to the celebrity photo dump on darknet that was likely done through some sort of social engineering or phishing on the part of the scumbags who perpetrated those crimes.
Most objective observers will come to the conclusion that while Apple is not at fault if Jennifer Lawrence wanted to naked selfies and use weak passwords, Apple could have done more to beef up security in the first place.
So, I think a two-step verification scheme is a good start. What do you think?