How to secure your iPhone from hackers, snoopers, and thieves (iOS 12.1)
Why secure your device?
People carry a huge amount of very valuable personal information around with them everywhere they go on their iPhones. And while iOS does a great job of keeping their data safe, it's possible to make the device a lot more secure.
Here are settings you should check (and change) and tweaks you should make to harden the security and lock down your device.
One point worth making is that added security always puts speed bumps in the way of productivity, and added additional steps -- and a few seconds -- to doing things. Security is always a compromise, but in my mind, added security is always worth the small downsides that come from it.
Start with a strong passcode
Security all starts by keeping people out of your device!
No matter whether you use Touch ID or Face ID, you still need a passcode, and the longer the passcode you can use -- and remember! -- the better.
Go to Settings > Touch ID & Passcode (or Face ID & Passcode on iPhones with Face ID), enter your existing passcode, and then tap on Passcode Options to get a set of options. Choose between Custom Alphanumeric Code (the most secure) or Custom Numeric Code (second best option), or 4-Digit Numeric Code (I don't recommend this last option because it's easy for shoulder-surfers to see what your PIN code is).
Switch on automatic iOS updates
Want to make sure that you are running the latest version of iOS? A new feature in iOS 12 is the ability to install iOS updates automatically, which makes sure that your iPhone or iPad's operating system is always up-to-date.
To set this head over to Settings > General > Software Update and turn on Automatic Updates.
Control what Touch ID/Face ID is used to authenticate
Do you want the convenience of Touch ID or Face ID, or do you rather the additional protection that having to enter your passcode offers? Again, it's balancing security against convienience.
iOS 12 allows you to switch Touch ID/Face ID on and off for:
- - iPhone Unlock
- - iTunes and App Store
- - Apple Pay
- - Password AutoFill
Go to Settings > Touch ID & Passcode (or Face ID & Passcode on iPhones with Face ID), enter your existing passcode to control this.
Password AutoFill and third-party password managers
This, in my mind, is the killer security feature that Apple introduced in iOS 12.
iOS 12 now comes with both a password autofill feature using the iCloud Keychain and has the ability to connect to third-party password apps such as LastPass, Dashlane, and 1Password. This means that you can get access to your passwords across a variety of operating systems.
You can find this feature in Settings > Passwords & Accounts > AutoFill Passwords.
Control access to what's accessible when the iPhone or iPad is locked
Control how much - or how little - you want to be accessible on a locked device. iOS 12 gives control over the following:
- - Today View
- - Notification Center
- - Control Center
- - Siri
- - Reply with Message
- - Home Control
- - Wallet
- - Return Missed Call
- - USB Accessories
The bottom line is that the more you lock down, the more secure your device and data will be. The USB Accessories feature is especially useful, because it will prevent the Lightning port being used to connect to any accessory if your iPhone or iPad has been locked for more than an hour.
Go to Settings > Touch ID & Passcode (or Face ID & Passcode on iPhones with Face ID), enter your existing passcode to control this.
Set brute-force protection
iOS has built-in brute-force protection to prevent an unauthorized user from trying to guess your passcodes.
Go to Settings > Touch ID & Passcode (or Face ID & Passcode on iPhones with Face ID), enter your existing passcode, and scroll down to Erase Data.
After 10 attempts (toward the end there will be a time lockout to slow down the entry process), the encryption key will be deleted and your data wiped.
Use iOS to check for password reuse
If you use the iCloud KeyChain to store web passwords, you can now use this to check for password reuse (which is bad, so don't do it! STOP IT!).
Go to Settings > Passwords & Accounts > Website & App Passwords and authenticate with either touch ID/Face ID or your passcode.
You will see a grey triangle with an exclamation mark next to any entry that is reused. To change the password, tap Change Password on Website.
Reduce the lock screen timeout
The shorter you set the lock screen timeout setting (there are options ranging from 30 seconds to never), the faster your iPhone or iPad display will require authentication to access it.
You can change the auto-lock time by going to Settings > Display & Brightness > Auto-Lock.
Disable biometrics to force passcode entry
iOS 12 -- as was the case with iOS 11 -- allows you to disable Face ID or Touch ID and force the use of the passcode.
To do this press the power button five times (just be sure to cancel the SOS Emergency calling feature if you have this activated).
Set up two-factor authentication
One of the best ways to protect your data is to set up and use two-factor authentication. This means that, even if an attacker has your iCloud username and password, Apple will send an authentication code of a device you've chosen, which should block most attacks.
Go to Settings > and tap your name at the top of the screen, then go to Password & Security, then choose Two-Factor Authentication.
Set a recovery key
While setting up two-factor authentication (go to Settings > tap your name at the top of the screen, then go to Password & Security, and choose Two-Factor Authentication), you can also set up a Recovery Key.
Once set, without this key, or another device signed in with your Apple ID, you will not be able to reset your password.
Disable unnecessary widgets
Widgets can leak data even when your iPhone is locked. You can either disable the Today View from being accessible when your device is locked (see earlier tip: Control access to what's accessible when the iPhone or iPad is locked), or you can edit the widgets as follows:
Swipe to the right on the Home screen into the Today View panel, and then scroll to the bottom of the screen and hit Edit. Now, you can remove any panel that you do not need.
Turn on "Find My iPhone"
This is a handy feature to have on if you worry about your device being stolen, or if you are careless with things.
To activate it go to Settings > then tap your name at the top of the screen, and go to iCloud > Find My iPhone.
From here, you can also check the Send Last Location feature, which sends the location of your device to Apple when the battery is low, allowing you to find it even when the battery is flat.
Control notification data leakage
Notifications displayed on the lock screen can leak sensitive information to snoopers and shoulder-surfers. Here's how to prevent that happening (it also means that you have to unlock your device to see any notifications, but that's the price of added security).
To do this go to Settings > Notifications > Show Previews and change the setting to When Unlocked or Never.
Take control over Location Sharing
You can control how and when apps have access to your location data. Go to Settings > Privacy > Location Services, and from there you can go through your apps.
You can choose between:
- - Never
- - While Using the App
- - Always
Each app should also given you a brief explanation of how if uses location data.
Lock down the Safari browser
If Safari is your browser of choice on iOS, Apple gives you a number of security customizations.
Head over to Settings > Safari, and from there, you will get access to numerous options, from blocking pop-ups to preventing cross-site tracking.