12 Tips & Tricks for iPhone Security & PrivacyUpdated: May 29, 2019
We've compiled some tips and tricks for you, iPhone users, to keep your information safe from sneaky eyes, as well from threats and hackers.
Even though our main device in the daily life is the smartphone, we kind of forget s=or simply don't realize that cyber security also implies this kind of devices, not only laptops and computers.
It's true that it is known that iPhone users are less vulnerable to hacks, due to the pretty secure software named iOS. But that doesn't mean you can't be extra safe. Hey, better safe than sorry, right?
How to make your iPhone safer? We've compiled some tips and tricks for iOS security - (almost) everything for keeping your information safe from sneaky eyes, threats, hacks and data leaks.
Before we get into the full subject, I wanted to point out some of the major iOS scurity problems that happened throughout the years.
Since the first iOS launch in 2007 (it was actually called iPhone OS 1), Apple tried to offer its customers only the best when it comes to security. Sure, they sometimes did fail, but they learned from their mistakes. They managed to put the idea on people's minds that iOS is one of the safest and most secure software out there.
In comparison with other software, like Android, it really is. I do believe that they managed to do this by keeping their software code for them - you couldn't pair an iPhone with an Android phone, and the apps were (and still are) quite strictly verified before they can reach the App Store.
The iOS software is a closed-source, in comparison with Android, which is an open-source. This decision helped Apple along the years, because it helped the team offer:
- better security - being a closed-source means that it's way more difficult for hackers to attack, or for you to catch viruses, bugs and other type of malware
- authenticity - the team could focus on offering the best quality, because they have their own hardware (camera, processor, sensors etc.); they could really focus on the target audience and keep the prices up (if they had an open-source, someone else could've used the code for their own brand of smartphone and offer the device at a lower price)
As I said, no one is perfect, and Apple did encounter some problems. The most popular ones are:
- - the leaked photos;
- - the FaceTime bug.
The leaked photos situation happened in 2014 when a number of celebrity photos (mostly of women, and containing nudity) were posted on the 4chan website. Later, they were shared over Reddit and Imgur. At first it was considered that this leak was due to a faulty API (which made possible an infinite amount of password attempts to iCloud accounts).
The other assumption was related to a breach in the iCloud services.
Later on it was discovered that the whole leak was due to some phishing attacks. Kind of awkward, don't you think? This is exactly why I'm always advising: be responsible and careful regarding the links you receive and the website you visit.
So this whole security related-issue was not quite due to a poor Apple security. The next one, though, it was.
This issue happened in 2019, when FaceTime had a bug on a iOS 12th version. What happened is that if someone were to call you through FaceTime, they could've heard what were you talking even though you wouldn't have hit the answer button. Quite unsettling.
Someone discovered this bug in the code and they couldn't believe it. It was soon a popular piece of news, because everyone was trying to "test" it, to see if it was true.
Nonetheless, not everyone could "experience" the situation: only two iPhone users, who had the same version of iOS installed on their smartphone. If one of them had a previous version, the problem didn't exist.
If you want to check out some of the security history behind the iOS software, you can check out The Evolution of iOS Security features article; you'll find information up until the iOS 9.
I'm aware that this advice is one of the most common, and one of the most ignored. I, myself, don't regularly update the iOS, because I'm always checking to see if the version comes with some bugs.
Still, this is the safest way to keep your iPhone secured - see the above situation, with the FaceTime problems. Apple released a new version as soon as they could, and if you didn't want to experience that problem anymore, you had to update the software.
The same goes if you want to be sure that hackers don't crack some code and start attacking account and phones. It's kind of a good thing that Apple releases multiple versions of software, as it doesn't give time to hackers to do harm.
Let's not forget about the apps. Again, I'm not quite the best example as my apps are all behind the schedule. But I'm beginning to realize that I shouldn't always wait to update (neither the software, nor the apps). There's never going to be the perfect version of a software/app. Yes, you can deactivate the automatic updates, but check them out on a regular basis. Give the updates some time, especially the software ones, read a bit about them (maybe you'll want to skip a versions that has a FaceTime bug), and then go for it.
Getting to your privacy, there are quite a lot of apps that are designed to keep your privacy at a high level. Browsers, messaging apps, VPNs, and many more.
The Safari browser is quite safe as it is made by Apple, and this implies it has the same level of security. You should know this: you can modify Safari's settings.
Head over to Settings > Safari. Scroll down to the Privacy & Security section. Right there you'll see 6 options that you can activate/deactivate. You can:
- ask browser not to track you;
- block all cookies;
- prevent cross-site tracking;
- receive a warning when you're visiting a fraudulent website.
And right above this section you can find the Block Pop-ups option. Quite secure, right?
But if you don't like it, there are two (or more) other options:
Firefox says it doesn't trace you at all when you're browsing in Private Mode. This means that it doesn't keep information regarding your history or your cookies.
The app blocks any trackers it finds, from Social Media trackers, to Ad trackers. You have the option to disable this feature for each website. It even counts the trackers it blocked - it will be cool to actual know the truth about how many there are, right?
DuckDuckGo does similar things as Firefox, but it has some other interesting features. For example, it has the ability to grade each website you're visiting (from A to F), showing you immediately how protected are you. You can see more details, of course, to see who's actually tracking you.
Other nice features is that you can protect the app with Touch or Face ID, and you can simply tap a button (conveniently shown in the main window) and the whole history and data is removed.
For messaging, the newest trend is Telegram. It has some pros and cons as well, such as it encrypts your phone call by default, but you have to manually turn on encryption for messages. Even though Whatsapp says it is safe, being acquired by Facebook means that it can now share information between apps. Your messages are still secure, but your account data might be the one which is shared. Here are other, more private alternatives.
At the beginning of each "Set up as new iPhone" process, you're being asked multiple questions regarding tracking. Maybe you're too excited that you got a new iPhone, hence you're clicking yes to everything.
In case you want to stop all of their tracking, you can simply go to Settings —> Privacy —> Analytics. There you'll see a few options that you can disable. For example, Share iCloud Analytics or Share With App Developers.
It's not like Apple is trying to cause you harm, but maybe you just don't want to participate in their app and software improvement.
By default, even though your iPhone or iPad is locked, you can still swipe right and see the widgets section. Think of this: maybe you added a widget from your banking app. Do you really want people to see this?
There are numerous widgets that you can add, but be careful! Even the Calendar app might show others (that actually got your phone in their hands) what you're up to.
Also by default, the whole set of notifications is visible. If you receive an iMessage notification, you can see a preview of the text right there, on the locked screen. Same goes for other messaging apps, and other types of notifications. You can choose to disable the preview for each app.
Indeed, some applications don't offer you this choice, but maybe they will, soon. And do remember that you can choose right from the iPhone settings to disable the preview for the whole set of apps or for specific ones.
To do this, you have to go to Settings —> Notifications. There it will be, right in front of your eyes: Show previews. You can choose to show then Always, Only when unlocked or Never. This setting will apply to every app possible. Otherwise you can pick the exact app that you want.
As Touch ID and Face ID are becoming the new normal, so to say, more and more apps allow you to secure them using these options instead of a pass-code.
Even though Touch ID has some bugs - you might be asleep while your fingers are being used to unlock your phone - it is still a better option to choose when it comes to securing your apps.
Face ID doesn't have the same "issues" as Touch ID - you can be asleep and nobody will be able to unlock your iPhone - so it's becoming an even better solution to keeping things secure.
Some of the apps that have already implemented this kind of locking are banking, password managers, some Photos/Files apps and so on. I can't wait for the day when locking will be available to social media apps.
Location Sharing is another thing that can cost your privacy, and there are two things that you can do:
- disable iPhone from constantly tracking you;
- disable location on apps that you know you don't need it.
In case you didn't know, iPhone can actually track all of the places you've been. It shows you a map, and details about each place. Useful some times, but I really hope that that data doesn't go anywhere (people are skeptical, you know that; it's normal).
To see where have you been (now you're singing Rihanna's song, aren't you?), go to Settings -> Privacy -> Location Services. Scroll to see Significant Locations and there they'll be: all the places you've been, usually grouped by city. Once you tap on a city, you'll be able to see the map and all of the places.
Not only that you'll see the places, but you'll also see the exact date, hour intervals (how much you've stayed there), and how did you arrive at that place (e.g. arrived after a minute drive). Some super exact information. The good thing is that you can access this information only with Touch ID or with a pass-code (depending on what are you using).
You can disable the Significant Locations, of course. And you can disable other services that require your Location. You can find them all in the Locations Services window.
Coming to the apps, there's not much to say more than what I've said: disable the Location on the apps that you know for sure you don't need it. In case you use the social media apps a lot (actually being active, not only scrolling and stalking), then you might have to leave it on. Otherwise, you can pretty much disable it for these kind of apps, too. It will also save you some battery.
This one is kind of my favorite tip. I never had this kind of screen protection until I got a bigger iPhone. Bigger iPhone, means bigger screen, means that EVERYONE could've clearly see what I'm scrolling, seeing, liking and all of that. Which made me think, do I really want that? No.
So I went on and searched for a privacy screen protection. This kind of product lets you use your phone without any concern; the person next to you will not be able to see what you're doing there - they'll only see an almost black screen.
Tip: for 100% discretion, use the brightness at an almost minimum level. If you use it at a maximum level, others might still be able to see some things if they are truly interested. Hey, nothing is perfect.
I am very please with my decision and I will use this type of privacy screen protection even when I'll have a smaller iPhone. Why should anyone see what my Facebook feed looks like, what am I reading, who am I texting to, and how much money do I have in my bank account? I'm sure you'd want to be as private as possible, too.
I got mine from Amazon, and even though it doesn't fit right on the edge (actually it's better this way), I think it's one of the best I've had - glass protection, and it really stuck to the screen.
Did you hear about "juice jacking"? Not the typical term. It refers to the situation when information can be stolen from the device, or when a malware is installed on your device; both of them are made through USB accessories.
Luckily, iOS lets you restrict the usage of USB accessories. This means that you can prevent USB accessories to connect to your iPhone when it has been more than an hour since it was locked. By default, this setting is on (actually, the button is on the left side). If you don't want to unlock your iPhone in order to let USB accessories to connect, you'd have to switch the button to the right side.
When I'm talking about iPhone security, I'm not just referring to cyber security - as you may have seen from the previous paragraphs. I am also thinking about the situation when your iPhone gets stolen, for example.
The safest way to keep an eye on your iPhone is to activate the Find My iPhone function. It is a built-in tracking software. Not only it lets you to find your phone if it's missing, it also locks it so that whoever found it can't use it. Of course, you have to act quickly - quickly realize that your iPhone is gone.
As soon as you do, and as soon as you can, get to a computer or borrow your friend's iPhone. Enter the Find my iPhone app - it will ask you for your Apple account. Log-in and set the Activation Lock feature. In this way whoever found your phone won't be able to turn off the Find My iPhone function, erase the phone or reactivate it.
Through this app, you can also send a notification containing a message that will appear on your phone. For example "you can return this phone to this address".
The nicest part is that even if you don't have the Location activated, you can turn it on through the app.
Tip: if you have the iWatch, you'll quickly be able to see if your iPhone is missing. First of all, you can swipe up and tap on the Ring Phone - you iPhone will emit a high volume sound, pointing you to a direction where to look at. And you'll also shorten the time until you realize that your iPhone is lost - your iWatch will show you that the iPhone is disconnected, meaning that it's no longer with you.
Passwords are hard! Ask any security expert about them, and you are in for a treat! Ranging from crazy character rules to having a different password for every account, when it comes to passwords the list of best practices will never end.
However, the truth is that you need to follow only two rules to make sure your accounts are secure:
- Use very long passwords. It is better to use a long password that has only characters in small caps than to use a short password with a lot of weird symbols.
- Use different passwords for all your online accounts you value a lot. Try targeting the accounts that have direct access to your finance or any sensitive personal data.
If you are like us, long and different passwords for each account will ultimately result in a lot of forgotten passwords. To solve this problem, a wide range of third-party password managers are available on the market. These will allow you to safely store and manage your passwords in a safe environment that is following the best security standards on the market. We advise you to pick one of the more popular options, and consider spending a couple of dollars to acquire the paid version - you don't want to be cheap when it comes to your online security!
Regarding the free ones, Apple actually offers you the Keychain - this is the OS password manager. It can actually contain more than just passwords: certificates, secure notes, private keys etc. In case you don't trust any third-party app, this one is the best choice. But do take into consideration that it works the best when you're only using Apple products.
Keychain is not designed for Windows, hence you won't be able to have all of the passwords on your computer, as well as on your iPhone.
In case you have an iPhone and you're using a Windows-based laptop, I would suggest you to use LastPass. I'm using this one, and I find it extremely useful. Recently, Apple let them add the auto-fill option on iPhones, too. And you can share credentials with someone, without them actually seeing the passwords.
Well, you found our suggestions from "Password AutoFill and third-party password managers" too hard to follow and you decided to use the same password for all your accounts. What could happen? In the eventuality of an attacker figuring out your access credentials, his first next step will be to attempt to use the same credentials on all popular websites.
To combat this, all the major players in the online industry provide a system called two-factor authentication. What this means is that a secondary step will be required from you once you enter the username password combination. Most of the time, the application will ask you for a 6 digits code sent over via a text message. This ensures another layer of security since the attacked also need to have access to your phone before being able to access any of your data.
For iOS, even logging in to icloud.com, on a new computer, will trigger a activation code that you'll receive on your primary device. Without it, you can't log in on that computer. Same goes for other new device that requires your Apple account. Once you choose to have the two-factor authentication, you can't go back.
Sure, the two-factor authentication process will require a bit more of your time, and it might feel like a redundant process. However, keep in mind that, while technology evolves, security issues and potential attacks evolve as well. Your privacy and personal data are your most valuable possessions, and protecting them should be a priority.
While Apple created the Face ID and the Touch ID quite strong (they are the best from the smartphone industry), it will be great to add another layer that you can choose to have: Face ID, then enter the pass-code. This could be translated into a two-factor authentication.
Whenever you're on a public or unsecured Wi-Fi, use a VPN. Why should you compromise your information? You'll be able to travel without any concerns, using all kinds of Wi-Fi networks.
It is safe to know that you shouldn't choose a free app, because they usually come with a different kind of price (e.g. DNS leak). But I did find a quite nice, free app - Avira Phantom VPN. It restricts your data usage to 1GB per month, but I trust that it's safe. It's a well known company, so I don't think they would play with fire.
The benefits of using a VPN are a lot more, therefore I invite you to check out one of our articles:
So there you have it. The 12 Tips and Trick for iOS Security and Privacy. In case you want to read a comparison between iOS and Android, do read our article below: