How can you keep your Apple devices and data safe? We asked the experts

A woman on a beach looks at an iPhone X and unlocks it using Face ID.
(Image credit: Apple)

It’s more important than ever to keep your devices safe and sound. Apple’s products are known for their rock-solid security, but that doesn’t mean they’re invulnerable – all it takes is one silly mistake to get infected. But what’s the best way to ensure everything remains free from malware and privacy invasions?

Well, we recently spoke to password manager company 1Password, and they offered up some advice on how to keep your Mac, iPhone and iPad safe. Here are their top tips.

Secure your passwords

password settings on iPhone

(Image credit: iMore)

Given that 1Password is a password manager, it’s probably unsurprising that the first tip from Chief Product Officer Steve Won is how to strengthen them. “Always use strong, unique passwords – never reuse passwords,” he contends. The reason being if one account gets compromised and falls into the hands of a hacker, they won’t be able to use those details on any other account. In other words, your other logins are still safe.

As well as that, Won explains that “your password should be complex and randomly-generated. The longer and more complicated the password, it becomes logarithmically harder to crack. Using a password generator to create something unique for each site can make this simple to do.”

Even better, use a passkey instead of a password to secure your accounts. A passkey uses your unique biometric data – like a fingerprint – instead of a password, making them far more secure. Without that data, there is no password to leak or be phished.

Also, it’s a good idea to delete your old and unused accounts online. This one is simple: fewer accounts mean fewer places your data and passwords can leak from. If you’re not using an account, log onto the account’s website and delete it.

Multi-factor authentication

A woman holds an iPhone while using a MacBook at a desk.

(Image credit: Karolina Grabowska / Pexels)

Don’t want to just rely on passwords? Use multi-factor authentication (MFA) on both your personal and work devices. You’ve probably come across this before: you log into a website and are sent an SMS message with a one-time code that you need to enter on the site to prove you are the account holder. That’s MFA.

Won recommends using an authenticator app or, if possible, a hardware token when using MFA. The latter is a small device that is used to authenticate your login, meaning whoever is trying to log in must physically possess the token. That makes it extremely difficult for bad actors to steal your MFA codes over the internet.

Even if you have to use text or email MFA authentication, you should do it, says Won, as “it raises the threshold for attackers.” This type of MFA can fall victim to so-called SIM swapping attacks, where hackers get the authentication code rerouted to a device they control. Still, using this kind of MFA is still more secure than not using it at all.

Disk encryption

A 2023 14-inch MacBook Pro on a wooden counter, near a retro lamp.

(Image credit: Gerald Lynch / Future)

The next security tip from 1Password is an easy one for Apple fans because it’s already there at your fingertips: disk encryption.

As long as you’ve set a password on your iOS or iPadOS device, its contents are automatically encrypted using a feature called Data Protection. Intel-based Macs use FileVault to protect the contents of the boot drive (although you’ll need to manually enable it). Apple silicon Macs, meanwhile, use a hybrid approach that sits somewhere between Data Protection and FileVault.

That means that whatever Apple device you’re using, your files can be safely encrypted to keep them out of the hands of hackers, phishers and other threat actors.

You can also enable Advanced Data Protection on iOS and macOS, which brings end-to-end encryption to your iCloud backups. When it’s disabled, Apple holds your decryption keys, which theoretically could be leaked if Apple got hacked. With end-to-end encryption enabled for your iCloud backups, only you can access those keys.

Freeze your credit

A person holds a credit card while using an Apple MacBook Pro laptop.

(Image credit: Liza Summer / Pexels)

What else? Well, 1Password suggests that American readers could freeze their credit history. While this might sound drastic, it prevents your sensitive data from being accessed without your consent, and won’t hurt your credit rating.

Why would you do this? Won explains: “Chances are, between breaches from telecom providers, banks, credit bureaus, or even the federal government, your personally identifiable information is already out there.” By freezing your credit history, no one can open a fraudulent credit line using your stolen data. That protects you from having your credit score impacted by scammers on a spending spree.

It's free to do at Equifax, TransUnion, and Experian, and Won notes that “it’s easy to unthaw on a temporary basis for your next car purchase or rental application.”

What else can you do?

A person holds their iPhone and unlocks their 1Password account using Face ID. In the background is a laptop.

(Image credit: 1Password)

There are a few other things that could help you stay safe. Use Face ID or Touch ID wherever you can and always keep your operating system and apps up to date. Download an app like Truecaller or Hiya to block spam calls automatically. And use an app such as Little Snitch to find out if your device is communicating with servers that it shouldn’t (potentially a sign that it’s infected).

There’s some debate over whether you should use an antivirus app on Apple devices, given their existing security. But antivirus apps can provide some extra defense if Apple’s own measures like Gatekeeper don’t do the trick. A good VPN app can also help by keeping your web traffic private.

You can avoid becoming a victim by taking a cautious approach online and over the phone. Don’t visit disreputable websites and bookmark those you read regularly so you know you’re on the right one and not a nefarious imitator. Don’t hand over your passwords to someone calling or emailing claiming to be from your bank. And remove any unknown devices from your iCloud settings page immediately.

Put all these tips into action and you will go a long way to protecting your Apple devices and keeping them safe from malware. Most are easy to do, and you might have already enabled some on your own. They could be what saves the day when hackers come knocking.

Alex Blake

Alex Blake has been messing around with Apple tech ever since he caved to the pressure and bought an iPhone 3G “just to see what all the fuss was about.” He’s spent the subsequent 15 years prattling on about Apple and has somehow managed to do so professionally. Don’t ask him how.