Your phone contains everything about you. And if one person gets to know your Apple ID, it is normal to get worried, and think that whoever got it can move to the next step—steal your identity.
But should you get worried?
The short answer is yes. Your Apple ID is what you use to log-in to your device, and if someone knows what it is, plus your password, then they can log in to another Apple device and use your identity to do malicious things.
What is the Apple ID?
The Apple ID is your identification in the Apple ecosystem or database. It tells the apple computers that it is you, and it will allow you to fetch information from it. With the Apple ID, you can log in to different apps, products and services, such as iMessage, iCloud, iTunes, your Mac, iPhone, and others.
It is the Apple ID that you use to buy stuff in i-Tunes such as games, or in-app purchases for games that you are already playing.
If somebody knows your Apple ID, then he already has half of your identity. The only remaining thing he needs is your password. And if a hacker manages to get that, too, he will be able to buy stuff on i-Tunes, charge your credit card for it, and you will never know who it is.
How do you protect your Apple ID?
To protect your Apple ID and password, your best bet is to use a two-factor authentication. Also called 2FA, it is a verification method that requires something that you know and something that you have.
Something that you know is your password or PIN, and something you have is your phone or card. If you put these two things at work, the verification system will not let anybody log-in if the only thing they have is a PIN.
In this method, the system will let you log in by sending you a text message to your phone, which, ideally, is not the same as the device you are logging into. Well, even if it is the same device, you are still safe.
Let us say that you are trying to log-in to the Apple ecosystem with your Apple ID and password on a MAC, but your 2-factor authentication is on. Apple will send a text to your phone, which could be an iPhone or an Android, and you need to input the code from that text before you can log in.
A criminal who has your Apple ID and password but not your phone will not be able to log in. Banks do this all the time. If you log in to your bank account on a PC or a tablet, the bank will send a test to your phone.
If you are using the phone where the text should be sent, the bank will nolonger send the text because it recognizes your phone’s number and IMEI.
Your Apple ID is half of your identity in the Apple ecosystem. The Apple database uses this to save your settings, files, documents, photos, purchases, and a whole lot more. If a person gets access to it, he will be able to access another Apple device, and make the Apple system believe that it is you.
He will make purchases and you will just be surprised one day that you have a lot of purchases in your bill to pay.
Keep yourself safe. Use a strong password that Apple recommends, and enroll in the two-factor authentication to add another layer of security to your identity.