Security and convenience are perpetually at war. There will always be errors, compromises, and oversights that put our privacy at risk. Old ones will get fixed but new ones will get discovered. So what can we do?
While many of the conveniences of iOS and macOS make our iPhones and iPads easier to use, there are also ways to remove those conveniences and make our them even more secure. If your privacy is worth more to you than ease of use, here's how you can better lock down your iPhone and/or iPad, and any Mac it might connect to.
Note, These steps are not necessary for most people, most of the time. Following them will absolutely make your iPhone, iPad, and/or Mac more secure but will also make it much less convenient. Consider it the difference between living in a house with a lock on the door and maybe an alarm system compared to living in a panic room. Think carefully about your risk level, read over your options, then implement the ones that make sense to you. You can always go back and turn more on, or off, as your needs or feelings change.
How to setup and use a strong password, Touch ID, and/or Face ID
If you have Touch ID or Face ID on your iPhone or iPad, use it. It's more identity than security, but it provides a good, balanced approach to letting you in while keeping others out. So good, in fact, that if you want to increase security, you can upgrade from a 6-digit passcode to a strong, alphanumeric password.
If a passcode is like a lock on your door, a password is like a series of deadbolts. It'll take you longer to get in, but it'll take anyone else so long to get in they may was well not even try.
- How to secure your iPhone with Touch ID
- How to secure your iPhone X with Face ID
- How to secure your iPhone or iPad with a strong alphanumeric password
- How to choose a better master password [AgileBits blog]
- Password haystacks
How to minimize data exposure on your iPhone or iPad Lock screen
For the sake of convenience, Apple allows you to access Notification Center, Wallet, Siri, and Control Center right from your Lock screen. That means you can quickly glance at incoming messages, pay for your Starbucks beverages, set a Reminder, or toggle on the Flashlight. It also means anyone else within eyeshot or reach can glance at your messages, try and photograph your barcode, ask for certain types of information, and toggle on Airplane mode without having to enter your passcode, Touch ID, or password.
If you value those features on your Lock screen, then by all means enjoy their convenience. If security and privacy is more important to you, however, you can turn them all off.
- How to disable Notification Center on the Lock screen of your iPhone and iPad
- How to disable access to Siri and Passbook from the iPhone or iPad lock screen
- How to disable Control Center access from your iPhone or iPad Lock screen
How to use 2-factor authentication
Security works best in layers, and defensive depth means having as many layers are possible. Biometrics (like Touch ID or Face ID) cover "something you are", while the password is "something you know", a token is "something you have".
With 2-step authentication, you will have to enter an app-specific password, or an additional token the first time you set up the service on your device, but it'll make it more than twice as strong for only a minimal amount of extra effort.
- How to set up two-factor for Apple and iCloud
- How to set up two-factor for Google and Gmail
- How to set up two-factor for Dropbox
- How to set up two-factor for Amazon
- How to set up two-factor for Twitter
- How to set up two-factor for Facebook
- How to set up two-factor for Instagram
- How to se up two-factor for Tumblr
- How to set up two-factor for Skype
- How to set up two-factor for Nest
- How to use Authy to manage two-factor
How to keep your web browsing, location, social and other data private
Your iPhone and iPad can accumulate a lot of data over time, including data you may not want or need it to accumulate. Likewise, you can grant access to your data to a lot of apps and services over time, including apps and services you may no longer want or need to have access. Luckily, iOS makes it easy to review and change your privacy settings. So do many online services as well. Also, if you're on a network you don't trust, and have access to a VPN service you do, you can use that to help keep your data private as well.
- How to manage Privacy settings on iPhone and iPad
- How to configure VPN access on your iPhone or iPad
- How to adjust your privacy settings for Facebook
- How to audit your data and settings on Twitter
- Best content blockers for Safari
Lock is all down
If you value your privacy and security over your convenience and ease of use, the above are some of the steps you can take to further lock down your iPhone, iPod touch, iPad, and Mac. It's by no means a complete list, and it's by no means for everyone. It's what's you can do to better protect yourself against some of the more common privacy and security issues you're likely to encounter.
Updated January 2018: Updated for Face ID and more recent best practices.