The convenience of an iPhone can come at a price if you don’t secure your device well enough. Other people can get access to other devices and accounts, and gain access to your information and files.
Fortunately, it’s easy to secure your iPhone and make it tough for prying eyes to gain access, without sacrificing too much convenience.
Today we’ll cover the various ways of keeping your iOS data private — even if you don’t use them all, some are better than none.
Set a Strong Alphanumeric Passcode on Your iPhone
When you set up your iPhone, you are prompted to enter a six-digit passcode to protect your phone. You may not be aware that you can protect your phone with a stronger, more secure alphanumeric passcode.
First decide on a strong password to use. Then, go to Settings > Touch ID & Passcode and enter your current password. Then, tap Passcode Options and choose Custom Alphanumeric Code. Enter a new alphanumeric passcode, verify it, and tap Done.
The next time you unlock your phone, you’ll be asked for a new alphanumeric passcode. Even with Touch ID or Face ID turned on, you’ll need to enter a passcode when your phone restarts.
Disable Leaky Lock Screen Features
Applying a strong, alphanumeric passcode to your iPhone won’t prevent your data from being revealed if it displays on the lock screen. Emails, messages, and information in other apps can contain sensitive data which may show on the lock screen when you get notifications. Other features on the lock screen can also display information you don’t want people to see.
If you don’t want anything to display on the lock screen except the time and date, you can disable the following lock screen features:
- Today View (widgets)
- Recent Notifications
- Control Center
- Reply with Message (reply to messages from the lock screen only on devices with Touch ID)
- Home Control (control your home automation devices)
- Wallet (disables Apple Pay as well)
- Return Missed Calls
Go to Settings > Touch ID & Passcode and enter your passcode. On the Passcode Lock screen, turn off all the features you don’t want access to on the lock screen.
Hide Content in Notifications on the Lock Screen
If you’d rather not completely disable notifications on the lock screen, you can prevent apps from showing content in notifications on the lock screen.
Head to Settings > Notifications > Show Previews. By default, content is Always shown in notifications on the lock screen. Select whether you want to show content only When Unlocked or Never.
Disable Siri on the Lock Screen and “Hey Siri”
Siri is a convenient iPhone feature, and you can access it when your phone is unlocked or locked. However, it can reveal some information you would rather keep private. Also, Siri can communicate with anyone. It is not locked to your voice only (yet).
You don’t have to completely turn it off, but it would be more secure if it was disabled on the lock screen or prevented from listening for the Hey Siri voice command.
In iOS 11, go to Settings > Siri & Search. To disable Siri on the lock screen, turn off the Allow Siri When Locked option (the slider button turns white). If you don’t want Siri to respond to the Hey Siri voice command, turn off the Listen for “Hey Siri” option.
Note: The Allow Siri When Locked option is also available as the Siri option in the Allow Access When Locked section on the Touch ID & Passcode settings screen, as discussed in the section above. Turning off either option, turns off the other one automatically.
If you decide to complete disable Siri, turn off both the Listen for “Hey Siri” and Press Home for Siri options.
Revoke App Permissions
This method of securing your iPhone may affect the functionality of your apps. Many apps request access to features and data like your location (discussed in the next section), contacts, messages, and photos. Not all of them require access to everything though.
In some apps, the data or features they request access to is important, and sometimes crucial, for the app to perform its main function. For example, an email client like Mail, Spark, or Airmail needs access to your contacts to make it faster and more convenient to enter email addresses for sending emails.
However, there are many apps that request access to data and features that don’t affect the main functionality of the app. For those apps, you can deny them access to that information.
Go to Settings > Privacy. The features and data apps can use are listed. Tap on the feature you want to block access to for certain apps.
All the apps that use this feature are listed. To deny access to this feature for an app, tap the slider button for that app so it turns white.
Remember: If an app function stops working after you’ve done this, head back to the same menu and re-enable whatever it is you changed.
Limit Which Apps Have Access to Your Location
Location services allows you to choose which apps have access to your location and whether you want to share your location with family and friends. For example, you can set up location alerts in Reminders and you can use your phone to find nearby food, transport and services.
To access location services, go to Settings > Privacy > Location Services.
If you want to disable location services completely, so it can’t be used by any apps, tap the Location Services slider button so it turns white. Be aware that some apps, like Apple Maps, rely on location services to work correctly. Other apps may have limited functionality without the use of location services.
@lifeisbeautiful FYI – The iPhone app drains the battery very fast because location services defaulted to “always on”.
— Jode Gauthier (@JodeG) September 13, 2017
While location services can drain your iPhone battery faster, modern chips with Apple’s motion co-processor have made huge strides in energy efficiency since the early thirsty GPS implementations.
To stop sharing your location with family and friends, tap Share My Location and then turn off Share My Location on the next screen.
To prevent an app from using your location, scroll through the list on the Location Services screen and tap on the app you want. Next, tap Never to never allow the app to use your location.
If you don’t want to disable location services completely in an app, tap While Using the App. When the app is not open, it will not use your location in the background.
Some apps only have the Never and Always options available. In that case, if locations services are not crucial to the main functionality of the app, we suggest selecting Never.
Encrypt Your Backups
When you back up your iPhone to iCloud, your information is automatically encrypted when it’s sent over the internet and stored in an encrypted format when kept on a server. iCloud uses a minimum of 128-bit AES encryption and never provides any encryption keys to third parties.
For me always use iTunes when it’s a big upgrade. Had lots of issues with iCloud backup in the past and had to start again… https://t.co/bPWWye0j6S
— James Hothersall (@j_hothersall) September 15, 2017
To access iCloud Backup in iOS 11, go to Settings > [your name] > iCloud > iCloud Backup. Make sure iCloud Backup is on (the slider button should be green). To start backing up your phone immediately, tap Back Up Now.
Once iCloud Backup is on, you can have it automatically back up your iPhone to iCloud each day. To do this, make sure your phone is connected to a power source, connected to a Wi-Fi network, and your phone’s screen is locked.
If you back up your iPhone using iTunes, you must turn on encryption for your backups. When you connect your iPhone to your computer, go to your device in iTunes, select This computer, and check the Encrypt iPhone backup box. If you’ve never encrypted your iTunes backups before, you’ll need to apply a password to the backup.
Encrypted backups go beyond simple security: when you encrypt your backups, much of your password data, favorite Wi-Fi networks and so on are also stored along with that backup.
Protect Notes in the Notes App
If you store private and sensitive information in Notes, there is a way to encrypt your notes by locking them individually. Locking your notes is now easier in iOS 11. Simply swipe left on a note in the list, tap the lock icon, and enter a password. The password should be different from your Apple ID password and the passcode on your device.
A lock is added to the note, but it’s initially unlocked. Tap Lock Now at the bottom of the screen to lock any unlocked notes.
All notes with a lock applied to them are either locked or unlocked at once. So, unlocking one note by opening it and entering the password, also unlocks all the other locked notes.
Use Two-Factor Authentication
An important way to protect your data is to add two-factor authentication to your Apple ID account, which contains private information including credit card information. With two-factor authentication, you need something you know (a password) and something you have (a physical device or a fingerprint).
When you set up two-factor authentication, you register one or more trusted devices you control that can receive six-digit verification codes. Then, when you sign in to your Apple ID account, iCloud, or make an iTunes, iBooks, or App Store purchase from a new device, you’ll need to verify your identity using both your password and the six-digit verification code.
— Benson Chu (@bensonprchu) September 13, 2017
To turn on two- factor authentication for your Apple ID using your iPhone, go to Settings > [your name] > Password & Security. Tap Turn on Two-Factor Authentication and then tap Continue. Follow the on-screen instructions to set up two-factor authentication for your Apple ID account.
You can also turn on two-factor authentication using a browser on your computer. Go to https://appleid.apple.com and log in with your Apple ID user name and password. In the Security section on the main screen, tap Edit on the far right. Click Turn on Two-Step Authentication and follow the instructions to set it up.
Note: When signing in to iCloud.com in a browser, you can choose to trust that browser. However, it’s more secure to not trust it and enter a verification code each time. You cannot choose to trust the browser when signing into your Apple ID account. That always requires a verification code.
Other services like Google, Dropbox, Facebook, and Twitter, offer two-factor authentication, and we recommend you make use of it in all your accounts that offer it.
Use a Password Manager
In this online world, we all have way too many passwords to remember. We have many online accounts, all needing a password to access, and you should not be using the same password for multiple accounts.
How do you remember all those passwords? That’s the easy part. Use a password manager. There are many password managers out there, some just for iOS devices, and others that allow you to access your passwords on multiple types of devices.
Many password managers allow you to store more than just passwords, like secure notes, email accounts, credit card and bank account information, software licenses, wireless router credentials, and some even allow you to attach private documents.
Your iPhone comes with a built-in basic password manager called iCloud Keychain. It’s a secure way to sync all your passwords and other sensitive data you enter on all your Apple devices so you only need to enter them once.
To enable iCloud Keychain, go to Settings > [your name] > iCloud > iCloud Keychain. Then, tap the iCloud Keychain slider button.
iCloud Keychain is not a full-featured password manager. If you want to be more secure and have access to additional features, you can use a third-party password manager like 1Password, LastPass, Dashlane, MiniKeePass, or DataVault.
Make sure you protect the password manager with a strong unique password.
Use Private Browsing
Every major browser has some type of private browsing feature, including browsers on your iPhone. When you use private browsing mode, the browser won’t remember webpages you visit, your search history, or your AutoFill information (discussed later in this article).
One of the several reasons why I use an iPhone is that it’s easier to use private browsing & protect your location. https://t.co/rAdeQOYero
— Jake E. Hamby ??? (@jhamby) July 7, 2017
To access private browsing mode in Safari, tap the tabs icon in the lower-right corner of the screen and then tap Private in the lower-left corner. To return to regular browsing mode, tap the tabs icon and then Private again.
Private browsing tabs and regular tabs are tracked separately in Safari.
Be aware that private browsing is not a guaranteed way to stay secure. There are several ways in which private browsing can be defeated. Other browsers, like Chrome and Firefox, have their own versions of private browsing mode.
Delete Browsing Data
When you don’t use private browsing, browsing data like cookies and web history, is stored on your phone. However, this data can be deleted. Once you delete your browsing data, you’ll have to sign in to websites again, but it will keep your sensitive information more secure.
To delete your browsing data in Safari, go to Settings > Safari > Clear History and Website Data. Then, tap Clear History and Data on the popup dialog box.
Browsing data can also be deleted in other browsers you use on your iPhone, like Chrome, Firefox, and Opera Mini.
Block Cookies and Do Not Track
Cookies are small files saved to your computer by almost all websites you visit. They may contain information about you, your phone (or computer), and your preferences. They do helpful things, like help websites keep you logged in, or annoying things, like show you relevant content, including ads.
Deleting cookies will cause some inconvenience when you must log in to websites again, but that’s a small price to pay to keep your sensitive information secure.
To block all cookies in Safari on iOS 11, go to Settings > Safari. Scroll down to the Privacy & Security section and turn on the Block All Cookies option. You can also prevent websites from tracking you by turning on the Ask Websites Not To Track Me option.
If you would rather not block cookies, make sure you delete them on a regular basis, as discussed in the previous section.
These options don’t seem to be available in Chrome or Firefox for iOS.
Disable the AutoFill Option in Your Browsers
The AutoFill feature in browsers is convenient, but it’s not always secure. If someone gets their hands on your phone, they could automatically log in as you on the same websites on which you use AutoFill.
To turn off AutoFill in Safari on iOS 11, go to Settings > Safari. In the General section, tap AutoFill. For maximum security, turn off all the options on this page.
It may be inconvenient to sign in to websites manually, but it’s worth the bother if it protects your sensitive information.
There’s an AutoFill option in Chrome you can turn off. Firefox has a Save Logins option that’s like AutoFill, and we suggest you turn that off if you use Firefox.
Disable Automatic Sync to iCloud
By default, data on your iPhone is synced to your iCloud account. This includes messages, notes, contacts, documents, and photos. If you’ve added two-factor authentication to your Apple ID account (as we discussed earlier in this article), it’s more secure. There are also other ways to protect your iCloud account.
However, if you would rather your information not be synced to iCloud, or if you don’t want certain types of information synced, you can disable syncing to iCloud on your iPhone. If you don’t have that many iOS devices and you have information in some apps that you only need on your iPhone, you may want to turn off iCloud sync for those apps.
To disable syncing with iCloud on iOS 11, go to Settings > [your name] > iCloud. Apple apps are listed at the beginning of the list on the iCloud screen. To prevent an Apple app from syncing with iCloud, tap the slider button for that app.
The iCloud Drive option below iCloud Backup, turns iCloud syncing on or off for all other third-party apps that store documents and data on iCloud. If it’s on, you’ll see a list of third-party apps installed on your phone. You can turn off iCloud syncing for individual apps by tapping the slider button for each app.
Stop Automatically Connecting to Known Wi-Fi Networks
You probably take your iPhone just about anywhere you go to stay connected and productive. Many places you go provide free Wi-Fi so you probably have a long list of Wi-Fi spots you’ve connected to in the past.
By default, your phone will automatically connect to a known Wi-Fi network (one you’ve connected to before) when it finds one. This can be useful, but it’s not always secure. If someone has established a fake wireless network with the same name as a trusted public hotspot, your iPhone might connect to that network instead. Then, your data is available to that scammer.
It’s more secure to manually connect to each network your phone finds whether it’s known or not. To prevent your phone from automatically connecting to known Wi-Fi Networks, go to Settings > Wi-Fi. Tap the Ask to Join Networks slider button.
Use a Virtual Private Network (VPN)
Another option to keep your data safe when using your iPhone in public places (or even at home), is to use a virtual private network (VPN). A VPN encrypts all incoming and outgoing internet traffic making it useless to anyone who tries to intercept and analyze the data.
There are many VPN service providers, some better than others. We compiled a list of what we consider to be the best VPN service providers, both paid and free.
Find a VPN service you like that has an iOS app, install it, enable it, and start surfing the web more securely.
Use Your Common Sense
These are just some of the ways you can secure your iPhone. Use your common sense and be careful when accessing sensitive websites or using sensitive data. You should also secure your Apple Watch, if you have one. It also has access to sensitive data from your iPhone, like emails, messages, contacts, and even Apple Wallet data for Apple Pay.
How do you secure your iPhone? Do you know of any other methods we haven’t mentioned? Let us know your experiences and recommendations in the comments.