X

How to secure your iPhone or iPad from hackers, snoopers, and thieves (iOS 12.2)

Your iPhone and iPad is likely packed with important, valuable, and even sensitive information that you might not want others to be able to access. Here are the steps you should take to lock down an iPhone or iPad running iOS 12.2.
Introduction
1 of 20 Adrian Kingsley-Hughes/ZDNET

Why secure your device?

Chances are high that your iPhone or iPad is an absolute treasure trove of personal information that you don't want falling into the hands of others. And while iOS does a great job of keeping data safe, it's possible to make the device a lot more secure.

Here are settings you should check (and change) and tweaks you should make to harden the security and lock down your device.

It's worth noting that extra security always puts speed bumps in the way of productivity, and adds additional steps -- along with a few seconds -- to doing things. Security is always a compromise, but  the small productivity downsides that arise from it are worth it to keep you and your data safe.

Set a strong passcode
2 of 20 Adrian Kingsley-Hughes/ZDNET

Start with a strong passcode

Security all starts by keeping people out of your device!

No matter whether you use Touch ID or Face ID, you still need a passcode, and the longer the passcode you can use -- and remember! -- the better.

Go to Settings > Touch ID & Passcode (or Face ID & Passcode on iPhones with Face ID), enter your existing passcode, and then tap on Passcode Options to get a set of options. Choose between Custom Alphanumeric Code (the most secure) or Custom Numeric Code (second best option), or 4-Digit Numeric Code (I don't recommend this last option because it's easy for shoulder-surfers to see what your PIN code is).

Set brute-force protection
3 of 20 Adrian Kingsley-Hughes/ZDNET

Set brute-force protection

iOS has built-in brute-force protection to prevent an unauthorized user from trying to guess your passcodes.

Go to Settings > Touch ID & Passcode (or Face ID & Passcode on iPhones with Face ID), enter your existing passcode, and scroll down to Erase Data.

After 10 attempts (toward the end there will be a time lockout to slow down the entry process), the encryption key will be deleted and your data wiped.

Control access to what's accessible when the iPhone or iPad is locked
4 of 20 Adrian Kingsley-Hughes/ZDNET

Control access to what's accessible when the iPhone or iPad is locked

Control how much -- or how little -- you want to be accessible on a locked device. iOS 12 gives control over the following:

  • - Today View
  • - Notification Center
  • - Control Center
  • - Siri
  • - Reply with Message
  • - Home Control
  • - Wallet
  • - Return Missed Call
  • - USB Accessories

The bottom line is that the more you lock down, the more secure your device and data will be. The USB Accessories feature is especially useful, because it will prevent the Lightning port from being used to connect to any accessory if your iPhone or iPad has been locked for more than an hour.

Go to Settings > Touch ID & Passcode (or Face ID & Passcode on iPhones with Face ID), enter your existing passcode to control this.

2019-05-07-13-01-42.jpg
5 of 20 Adrian Kingsley-Hughes/ZDNET

Use a VPN, especially over public Wi-Fi

A VPN (virtual private network) allows you to create a secure connection between your device and the VPN service provider's server, allowing you to browser the web securely and in privacy without others being able to snoop on that you are doing.

There a a lot of VPN providers out there, but one that I've used a lot and trust is F-Secure's Freedome VPN

Control notification data leakage
6 of 20 Adrian Kingsley-Hughes/ZDNET

Control notification data leakage

Disable unnecessary widgets
7 of 20 Adrian Kingsley-Hughes/ZDNET

Disable unnecessary widgets

Widgets can leak data even when your iPhone is locked. You can either disable the Today View from being accessible when your device is locked (see earlier tip: Control access to what's accessible when the iPhone or iPad is locked), or you can edit the widgets as follows:

Swipe to the right on the Home screen into the Today View panel, and then scroll to the bottom of the screen and hit Edit. Now, you can remove any panel that you do not need.

img-1619.jpg
8 of 20 Adrian Kingsley-Hughes/ZDNET

Audit which apps have microphone access

Many apps request access to your microphone, so it's a good idea every so often to audit these apps to see if you are still comfortable with them having this ability.

To do this head over to Settings > Privacy > Microphone and make changes as you see fit.

Password AutoFill and third-party password managers
10 of 20 Adrian Kingsley-Hughes/ZDNET

Password AutoFill and third-party password managers

This, in my mind, is the killer security feature that Apple introduced in iOS 12.

iOS 12 now comes with both a password autofill feature using the iCloud Keychain and has the ability to connect to third-party password apps such as LastPass, Dashlane, and 1Password. This means that you can get access to your passwords across a variety of operating systems.

You can find this feature in Settings > Passwords & Accounts > AutoFill Passwords.

Control what Touch ID/Face ID is used to authenticate
11 of 20 Adrian Kingsley-Hughes/ZDNET

Control what Touch ID/Face ID is used to authenticate

Do you want the convenience of Touch ID or Face ID, or would you rather have the additional protection that having to enter your passcode offers? Again, it's balancing security against convenience.

iOS 12 allows you to switch Touch ID/Face ID on and off for:

  • - iPhone Unlock
  • - iTunes and App Store
  • - Apple Pay
  • - Password AutoFill

Go to Settings > Touch ID & Passcode (or Face ID & Passcode on iPhones with Face ID), enter your existing passcode to control this.

Check for password reuse
13 of 20 Adrian Kingsley-Hughes/ZDNET

Use iOS to check for password reuse

If you use the iCloud KeyChain to store web passwords, you can now use this to check for password reuse (which is bad, so don't do it!).

Go to Settings > Passwords & Accounts > Website & App Passwords and authenticate with either touch ID/Face ID or your passcode.

You will see a grey triangle with an exclamation mark next to any entry that is reused. To change the password, tap Change Password on Website.

img-1618.jpg
17 of 20 Adrian Kingsley-Hughes/ZDNET

Audit location-based alerts, Apple ads, and suggestions

Location-based alerts, Apple ads, and suggestions are all very convenient, but in exchange for this you are allowing your location to be tracked. If you want to take control over this, head over to Settings > Privacy > Location Services > System Services and tweak the settings you feel make you more comfortable. 

I generally keep Location-Based Alerts and Location-Based Suggestions on, and disable Location-Based Apple Ads, but you can turn them all off if you wish.

Set up two-factor authentication
18 of 20 Adrian Kingsley-Hughes/ZDNET

Set up two-factor authentication

Activate "Find My iPhone"
19 of 20 Adrian Kingsley-Hughes/ZDNET

Turn on "Find My iPhone"

This is a handy feature to have on if you worry about your device being stolen, or if you are careless with things.

To activate it go to Settings > then tap your name at the top of the screen, and go to iCloud > Find My iPhone.

From here, you can also check the Send Last Location feature, which sends the location of your device to Apple when the battery is low, allowing you to find it even when the battery is flat.

Related Galleries

Holiday wallpaper for your phone: Christmas, Hanukkah, New Year's, and winter scenes
Holiday lights in Central Park background

Related Galleries

Holiday wallpaper for your phone: Christmas, Hanukkah, New Year's, and winter scenes

21 Photos
Winter backgrounds for your next virtual meeting
Wooden lodge in pine forest with heavy snow reflection on Lake O'hara at Yoho national park

Related Galleries

Winter backgrounds for your next virtual meeting

21 Photos
Holiday backgrounds for Zoom: Christmas cheer, New Year's Eve, Hanukkah and winter scenes
3D Rendering Christmas interior

Related Galleries

Holiday backgrounds for Zoom: Christmas cheer, New Year's Eve, Hanukkah and winter scenes

21 Photos
Hyundai Ioniq 5 and Kia EV6: Electric vehicle extravaganza
img-8825

Related Galleries

Hyundai Ioniq 5 and Kia EV6: Electric vehicle extravaganza

26 Photos
A weekend with Google's Chrome OS Flex
img-9792-2

Related Galleries

A weekend with Google's Chrome OS Flex

22 Photos
Cybersecurity flaws, customer experiences, smartphone losses, and more: ZDNet's research roundup
shutterstock-1024665187.jpg

Related Galleries

Cybersecurity flaws, customer experiences, smartphone losses, and more: ZDNet's research roundup

8 Photos
Inside a fake $20 '16TB external M.2 SSD'
Full of promises!

Related Galleries

Inside a fake $20 '16TB external M.2 SSD'

8 Photos