Top iPhone Security Settings to improve Privacy and Security
Hardening your iPhone
We give people a device that is always connected to the internet, can be used to purchase almost anything, yet we give them little guidance about how to secure it?
Are your credit cards stored on the phone? Passwords to websites? Any information you would not want other people to see? If the answer is yes, then please read on..
Most people take physical security pretty seriously. They have locks on their doors and windows. Some people have alarms and cameras to keep their home protected. They keep their valuables hidden away. When they leave they lock the door.
The iPhone which at the time of writing this is the most popular phone in the world has some great security features, but a lot of people don’t configure them. It’s as if they don’t take their digital security nearly as seriously as their physical security. In an age when most crime is digital and it’s only likely to increase. This needs to change.
What this guide is for
Many people seem to be under the impression that they have little to hide in terms of privacy, but how would they feel if someone was going through everything on their phone or if they didn’t have their phone anymore??
This guide has been put together to share recommended security and privacy settings that help to increase the security of your iPhone and also help to reduce the amount of tracking. Feel free to comment, give feedback and share, these are by no means conclusive but this does give a good baseline for hardening your iPhone.
Physical iPhone Security
Camera Covers
Apart from keeping your phone physically safe. One of my security recommendations is to make sure that your front facing Webcam is covered. Should your phone ever be compromised than a physical block on the camera will prevent anyone being able to use the camera.
To do this I strongly recommend these stickers from Silent Pocket. They allow you to keep camera is covered up and you can remove the sticker and re attach it if needed. If you do choose to use facial recognition, this functionality still works with the camera covered.
iPhone Case
I would never recommend using an iPhone without a case. Yes the phone may look more aesthetically pleasing, but naked iPhones do not bounce and they tend to be expensive to repair once Apple Care Expires. I also believe that repaired phones never seem to work as well as the original, but I have no hard evidence to prove that.
My case of choice is the Otterbox Defender which I know at $60 is expensive, but the level of protection is unreal. I’ve dropped my phone countless times on walks and runs and the screen has never smashed.
Auto Lock
When you’re not using the phone you should have it set to lock. If it’s unlocked and somebody was to pick up your phone, then they would have full access to the phone and it’s contents.
This setting is under settings → Display & Brightness → Auto-Lock
Passcode
There are a number of changes that I recommend for the passcode, which many people don’t put in place. I’ve spoken to people with 4 digit passcodes of 1111 or 1234 who really don’t think that’s an issue. If you’re serious about security, then please take note of the changes below.
Alphanumeric Code
Your iPhone will default to having a 6 digit passcode, yet many people set this to 4 digits for ease of use. DO NOT DO THIS! Set the phone to use a custom alphanumeric code. A passcode can be guessed and there are now commercial “security” products that can emulate your iPhone (see later in this article) and crack the 4 or 6; this does not work for an alphanumeric code.
The Passcode Settings can be found at Settings → Face ID & Passcode (or Touch ID & Passcode on device with a home button)
- Click Change passcode and you will be prompted to enter your current passcode
- Press Passcode Options at the bottom of the screen
- Click Custom Alphanumeric Code
- Enter a phrase or set of characters that you will remember
Locked Settings
By Default Apple allows you to access some of the features of the iPhone even when locked. This is a convenience feature and in the past there has been exploits found (and then patched) using these. My recommendation is to turn all of these off as you don’t need them and you should only be able to use the features of the phone when you unlock it.
Scroll to the bottom of the passcode section and turn off all the settings in the screen below.
Erase data with failed passcode
I recommend to turn this on, if someone does have your phone and tries to guess the password without using software, your data will be erased and protected. It just adds another layer of security, should your phone end up in the wrong hands.
Priority Settings
Update your Phone
Apple provides regular security updates through their software updates and they are free.
One of the easiest ways of securing your phone is by keeping up to date with the built in IOS update schedule.
Apple test updates for several months with volunteer Apple enthusiasts to ensure that the updates are stable.
IOS support Automatic updates and I recommend to turn that on. Change this in Settings → General → Software Update
Turn Off Siri
Siri is listening to you at all times, why do you need this? What if someone could exploit this and listen to you at all times. What if Siri accidentally recorded your private conversations and those conversations fell into the wrong hands. You don’t need Siri in your life and you’ve been functioning fine without it.
There are two places where you have to make changes to turn Siri off. First go to Settings → Siri & Search
Further down on the same screen there are settings for Siri to learn from your Apps. This has the potential (but is not confirmed) of monitoring your app usage and if that data was ever to be leaked for that information to fall into the wrong hands. I recommend turning off learn from App Clips and Show in Search and Suggest App Clips for every App.
You also need to go to another area in settings to disable Siri; goto Settings → Accessibility → Siri (this is right at the bottom)and turn off all the settings as per the screen shot below:
Limit Location Services
By default no app should be tracking you. Also no app should really need to know your precise location. Try thinking about all that information about you being stored, places you’ve visited, food you’ve ordered, your vacations, where you take your pictures, even your frequent locations. Not every app needs your location. My recommendation is turn off all of them and try and use the app without location.
If you really need to use an app for location then use the setting allow while using and turn off precise location.
To make the change go to Settings → Privacy – > Location Services
Keep Location Services On and then click on each app on the screen and change the settings. For the majority of apps you should be setting the Allow Location Access to be never. So in the example app below this is a very buying app, I can just manually enter a zip code, I don’t need them to track my location.
There will be some apps that won’t work without your location. For those apps, only set Allow Location Access when using the app and deselect use my precise location. (Please note that if you are using a mapping app you may need ro enable precise location but by default turn it off.) I use the app below to find electric charging stations for my car so for this to work I do need location services, but I only want this on when I’m using the app, there’s no need for the app to track me when I’m not using it.
Stop Safari Autofilling everything
Having Safari remember all of your username and passwords is a bad idea and having it autofill your credit card information is even worse. If somehow your phone was compromised, lost or stolen and someone had access to the phone. They could potentially access a lot of your personal information. I just don’t believe that the benefit outweighs the risk.
Prior to IOS 12 my default was to use a third party password manager and then turn off autofill passwords. My recommendation now is to turn on this feature BUT only with a third party manager. My personal preference is LastPass (which costs me about $30) a year, but you can also use 1Password, mSecure, Enpass, Keeper and many others. Even if someone did manage to get hold of your phone, the chances of someone accessing your passwords with a 3rd party manager are incredibly unlikely.
Once you’ve chosen, setup and installed your Password Manager, change the Autofill settings at Settings → Passwords → AutoFill Passwords
Make Sure AutoFill Passwords is selected, but Allow Filling From should be set to the Password Manager, not iCloud Keychain
Do not use Apple Pay
Seriously just don’t turn it on. Use your card instead. You don’t need Apple Pay, there’s no reason to allow your phone to be a credit card. It may be convenient and there have already been documented Apple Pay Phishing Scams. Also if you were to set this up on an unsecure network you have chances of your card details getting intercepted. Apple touts this as a more secure method of payment than using your card, personally I think it’s only a matter of time before there will be some kind of Apple Pay hack.
Share My Location
Do not share your location! This setting allows other people to track your movements and is not recommended. I do realise that you may want to do this with family members, but I personally do not advocate it. Without meaning to, you can easily end up sharing your location with all of your contacts. More importantly if someone was able to track your location without your consent, it would be a serious invasion of privacy and could be used maliciously.
To change this setting, go to Settings → Find My iPhone and turn off Share My Location
Important Settings (not as high as the priority Settings)
Track your activity
In IOS 14, apps now have to ask you if they can track your activity in other websites and apps. I always say no! I’m very against this level of monitoring and have issues about how this is used for marketing in general.
Whenever I install a new app, that asks, I always hit Ask App Not to Track
Allow Network Access
This is a new setting in IOS 14, where you have to give your approval for network access. With the exception of my Sonos app, I’ve not had any issues with apps not working with Network Access turned off. As good practice, always do not allow network access. If somehow your iPhone was compromised this setting could allow people to access devices and information on your home network.
Cleaning Up All Apps
If you want to clean up your existing apps, you need to check each one from settings and make sure sure the following settings are changed:
Allow tracking is set to off
Allow Network Access is set to Off
It is laborious to check each one individually, but I highly recommended to do it.
Hardcore Settings
The Settings outlined above will make your iPhone more secure than most people and will certainly reduce your risk off data loss through a lost, stolen or compromised phone. You can however take things to another level, but a lot of these settings will make the phone less ‘friendly’ to use.
No Wifi
If you’re going for extreme privacy then the recommendation is not to use any wifi network at all. Only use data to access the internet. This may seem crazy, but it will reduce your footprint in terms of logs when and where you connect to the internet from.
Faraday Case
When you’re not using your phone and when you’re traveling, use a Faraday case. This special bag will block your phone’s signal when traveling and prevent it from logging in to cells whilst you are moving around. This is the case that I have
Turn off iCloud
This is the most extreme setting to turn off, but will ensure that you have more privacy than the built in iCloud settings. For a lot of people this is not practical as it will disable iMessage, iCloud for photos, iCloud backup, find my iPhone and many more services. In essence everything will be stored on your phone unless you specify some other cloud storage.
I personally do not do this, but if you really are going for an extreme privacy model, then this is the recommendation. To do this Go to Settings → Click your name at the top where it says Apple ID → Click Sign Out (at the bottom of the page)
From the next screen, click turn off, then follow the prompts on the next screens and confirm sign out again when asked.
Recommended Security and Privacy Applications
Lockdown
This free and open source app blocks trackers, ads and some spyware when you browse and within apps. It works as a firewall and has a paid option too (I use the free one.) Read more about it here or download it from the app store
Proton VPN
If you’re on public wifi or working on some sensitive content, I recommend using a VPN. My VPN of choice is Proton VPN they are based out of Switzerland, are a no logs service and they have a great IOS app which makes the service very easy to use.
Brave Browser
IOS now supports the ability to change your default browser and my recommendation here is to use Brave. It’s a more privacy focused browser, is fast and has built in ad and tracking blockers. You can download Brave for IOS here
Conclusion
Of all the commercial smartphones, the iPhone is often considered to be one of the safest. This does depend a lot on which settings you change and the points above do help to harden. your phone.
Times are changing though, law enforcement and now some public schools in the US now posses devices that have the ability to crack passcodes. What this means is that potentially the bad guys will also have access to similar or the same tools, so the need for iPhone privacy is perhaps greater than ever before.
A lot of people believe that the iPhone cannot be infected with Malware and is a secure device, but just recently 36 journalists were hacked and their phones compromised My view is to be paranoid, imagine if your phone was infected, what could someone access, this is why I don’t add passwords or my credit card on my phone.
