Following the recent iCloud celebrity photo hack that saw naked photos of a number of famous people hit the Web, Apple boss Tim Cook promised to improve security in a bid to ensure such an incident doesn’t happen again.

Backing up his words with actions, the company on Tuesday expanded AppleID’s two-step verification process to iCloud.com, adding another layer of security to the site by asking for a code on top of a password.

With two-step verification enabled, access to an Apple account will be denied unless both the password and the code are entered.

If you haven’t already enabled two-step verification with your AppleID account, now is the time to do so. It’s a straightforward process, with full instructions laid out by the Cupertino company here.

And don’t worry, the system doesn’t involve having to remember more passwords or codes. It’s simply a case of entering a new code – obtainable from one of your trusted mobile devices – each time you log in. It only takes a few extra seconds, and should give you some peace when it comes to the security of your Apple account.

Related: DT’s guide to using iCloud

When setting up the verification process, you’ll also be supplied with a 14-character ‘recovery key,’ an additional code that can be used if your trusted devices are lost or unavailable, or if you forget your password. The recovery key should be written down and kept in a safe place.

With two-step verification enabled, access to iCloud apps – including Mail, Calendar, Contacts, Reminders, Pages, Numbers, and Keynote – is prevented until you the enter both your password and the code.

More measures are expected soon to further shore up iCloud security, while Apple has also promised to spend more time publicizing the benefits of turning on two-step verification, with many customers still opting not to use it, or not even realizing it exists.

With Apple about to launch a new mobile payment system, as well as a Health app that can hold plenty of personal information, the company is keen to demonstrate to customers that it’s serious about protecting user data.