Two-factor verification on your AppleID helps to keep everything nice and secure. Once enabled, you will need any two of the following to access your iCloud account: The password to your Apple ID, a device trusted in the portal (we’ll trust devices during this process) or a recovery key (which we’ll create during this process). In other words, don’t lose your recovery key!
To enable two-factor verification, you’ll need to already have a password with at least 8 characters that contains at least 1 number and 1 capital letter. Once your AppleID username and password meets these requirements, go to appleid.apple.com and sign in to the AppleID you will enable two-factor verification on. Once in the portal, to enable two-factor verification:
- Click on Password & Security.
- Enter the answer to the questions you set up.
- Click on Get Started…
- Click Continue on the next screen.
- Read the first screen with information about two-factor verification.
- Read the second screen and click Get Started.
- Add your current phone number to start the verification process.
- Enter the 4-digit verification code that gets texted to your phone.
- Click on Verify for devices to trust.
- Click Continue.
- On the next screen, document your Recovery Key.
- Click Continue.
- Enter the Recovery Key to verify it.
- Click Confirm.
- Check the box to confirm you understand what you’re getting into.
- Click Enable Two-Step Verification.
- At the confirmation dialog, indicating that two-factor verification was enabled click Done.
- Two-factor verification then replaces your security questions.
Again, don’t lose that recovery key!
Here are a few best practices so that you get started down the right path with Bushel:
•When you create an account, you’ll create a company url for enrolling devices in the future (i.e. company.bushel.com). Just keep in mind that this address is what you’ll share with employees if they need to enroll devices so shorter is better than longer but logical is also helpful.
•When you activate your account, you’ll link with Apple’s Push Notification Service (APNS). Whatever Apple ID you use to link with APNS will be required to renew annually. You may choose to link it to a company email address instead of an individual email address. Many people create a company email for this purpose, something like email@example.com or firstname.lastname@example.org. Just know that whatever Apple ID you use for APNS will be needed each year to renew.
•When you create a free Volume Purchase Program (VPP) account with Apple (http://www.apple.com/business/vpp/), you will create a separate Apple ID. Apple requires this ID to be unique for the Volume Purchase Program. It cannot match any existing ID used for iTunes so I recommend creating your VPP Apple ID while signing up for the program. Again, you may choose to use a company email vs an individual email because there’s annual renewal here as well. Many companies create an email that looks something like email@example.com for this purpose.
While these aren’t deal-breaker details, they can definitely make your life a lot less stressful once you roll into the deployment and you happen upon that first year of renewals with Apple’s various programs. We have a number of video tutorials on our YouTube channel as well: https://www.youtube.com/channel/UCfJ5xon9jky9fM12vhdYj2A
There are a staggering amount of smartphone thefts each year. Apple is prepared. They have addressed the growing trend by releasing groundbreaking features to secure not only your device, but to take a long-term approach to securing the ecosystem with Activation Lock. Activation Lock is meant to greatly reduced the number of iPhones stolen each year by making devices devoid of value if stolen. Activation Lock ties an Apple ID to a device, so if the device is stolen, the device is useless. This can be an annoyance when businesses get locked out of their own devices once an employee leaves their organization. This means they are not able to reuse the devices and must suffer the associated costs or have someone go to an Apple Store to get devices unlocked.
With Bushel’s latest update, this challenge businesses face is a problem of the past. Bushel now supports Activation Lock Bypass, a feature allowing businesses to reactivate these locked devices and put them back to work. We are happy to support this new feature at no additional cost. And to outline the why of Activation Lock Bypass, we’ve created this infographic!
Creating a lot of Apple IDs with a script means you need a good pattern as an input and output.
If you take an email address, like firstname.lastname@example.org then the username is what’s in front of the @ symbol and the domain is what’s behind it. If you then take the username and add a + at the end, you can then type some characters and put it all in front of the @ and domain name then the mail will still come to me. So, let’s say I use it to create an AppleID for an APNS certificate. That might be +apps added to email@example.com:
Or iPhone1 (or these days iPad1):
The only gotcha is that occasionally you’ll run into some field on a webpage that has input validation for non alpha-numeric characters. Shouldn’t be the case, but it comes up from time to time. I use this a lot. For example, rather than use my email w/ my credit card company, I can use bushel+SOMECOMPANY@bushel.com and then I can create filters in Mail a little more easily for mail that comes from them. The best part about that is that it then shows me really easily who is selling my information that shouldn’t. For example, you’d think SOMECOMPANY gets enough $ out of me as a paying customer, but apparently not because they’ve sold my email address to at least 3 or 4 companies.
Note: This does not work with Office 365.