How to Lock Down Your iPhone

Inside the Nitty Gritty iOS Preferences Everyone Should Know

Let's all lock this device DOWN, shall we? Photo by Oliur on Unsplash

Welcome back, everyone. Today, I'd like to offer you all a partner piece (a Part II, if you will) to an article I published recently over at the fabulous Better Humans Medium publication. In my piece there, I lay out how to set up your iPhone for better security and privacy; in this installment, I'll be suggesting some additional small, quick adjustments to lock your iPhone down further at the system, or iOS, level. The goal is to ensure that your most trusted and well-used computer is far more secure than it currently is.

To help guide you in the easiest way possible, you'll find a handy guide at the top of each section, in italics, to help point you to where you'll find each of the changes I'll suggest. Ready? Then let's dig right in...

Settings

The iPhone, like all computers, comes with a series of settings that can and should be changed to help create a stronger barrier between your pocket computer and the outside world.

Let's change a few iOS settings, shall we? Yes: we shall.

Deactivate AirDrop

In iOS 11 and later: Settings -> General -> AirDrop. In iOS 10 and earlier: swipe up from the bottom of your iOS device to find a shortcut to AirDrop in your Control Center.

AirDrop is a wireless filesharing protocol that allows iPhone users (sorry Androiders!) a simple way to share photos and other files. When activated, it broadcasts your iPhone's availability to other nearby iOS devices. That makes it simple for those other iOS devices, presumably those owned by your family and friends, to request permission to send you files. While convenient, AirDrop is a protocol that's been hacked in the past. Therefore, set the preferences for this protocol to "Receiving Off". Then, when you need to share files with family and friends, return to your AirDrop preferences, change it to "Contacts Only" and, once you've received your files, change it back to "Receiving Off".

Only activate AirDrop, as shown here, when you NEED it. Otherwise: deactivate!

Deactivate Bluetooth and Wi-Fi Unless Required

On iOS devices before iPhone X: Swipe up from the bottom edge of any screen. On iPhone X models or iPads with iOS 12 or later: swipe down from the upper-right corner of the screen.

Some of you will think I'm crazy for suggesting this. I understand, but, unfortunately, the facts say otherwise: malicious hackers can attack via Bluetooth and they can do the same via Wi-Fi. That's a sobering wake-up call for those of you interested in maintaining the most secure iPhone. While these two services make digital life much, much easier, everyone should be more prudent about when and where we enable them. I used to leave Wi-Fi and Bluetooth powered on all the time, even when I wasn't using them. I no longer do so. Instead, as a general rule: leave Bluetooth and Wi-Fi off until you need them. Even then, only connect to devices and networks that you've personally set up or can vouch for. A simple way to achieve this is to open the iOS Control Center and activate airplane mode on your device when you're not using it. For casual surfing and communication, only activate the cellular radio. When necessary, feel free to activate Bluetooth and/or Wi-Fi.

When not in use, place your iPhone in Airplane mode (left). Otherwise, leave only the cellular radio on (right).

Deactivate Apple's "Find Friends" App

Swipe down from the top of the screen on your iOS device to perform a Spotlight/device search. Type "Find" and the search results should show if you have this app installed.

Apple's Find Friends app is great for a group of people in a common location (a stadium, a conference center, an amusement park) who all want to be able to find one another. It's also a tool that interests parents who want to know where their children are. That's because Apple makes sharing your geographical location very easy: just add the friends you wish to track and, once you've accepted this invitation, your location will show up in the Find Friends app overlaid onto a map. Bingo! Only... Have you remembered to revoke this privilege once the event in question is finished? Also, what do you know about all of the people to whom you've given your geographical information? Are they as concerned about privacy and security as you are? Hint: it's a rhetorical question because no, they're not. Therefore, never use this app with colleagues or friends. If anything, only use it as a parent to track a child, but in no other scenario should you consent to share your location in an application which is always broadcasting where you are.

Before the advent of cell phones, we all still managed to find one another pretty well. We did silly things like agreeing on where to meet and at what time in advance. The good news: that old-fashioned hack still works today. The better news: even if that method fails, we can still text or call one another. If you've granted permission for others to know your location, revoke it. Stop sharing your location with others and, if you've got others who've granted you that permission, do them a favor and remove them from your surveillance. Then, this app should be deactivated or deleted.

Using Spotlight on iOS to locate your Find Friends app (left). Then keep track of where the app lives on your iPhone (right).

Set up a Complex and Long Device Password

On iOS devices with TouchID: Settings -> TouchID & Passcode. On iOS devices with Face ID: Settings -> Face ID & Passcode.

TouchID and Face ID are great tools to have for convenience, but they're not as great for security or privacy when it comes to the law. I know: crazy! In the United States, for example, federal law treats biometrics (something you are) as very different from your password, something you know. From a great article in The Atlantic:

"In several cases since 2014, state and federal judges have signed search warrants that compelled fingerprint unlocks. The Fifth Amendment protects people from having to give up information that could incriminate them, like a password or PIN code. But a thumbprint isn't something you know, which would be protected by the Constitution; it's something you are. Like DNA or your handwriting, physical attributes are usually considered outside the boundaries of Fifth Amendment protections."

Because the law is still ambiguous, it's highly recommended that you create and use a complex, long and original password to lock your most trusted computer. The problem: Apple, by default, only presents you the option to set a numerical four- or six-digit password on your iOS device. Wanna know how long it takes to crack a password like that? Try 25 nanoseconds for a hacker on a powerful computer system. Instead, we'll need something far more complex. To accomplish this, navigate to your password settings and enter your current password when prompted. Tap on "Change Passcode" and enter your current password a second time. Now tap Passcode Options -> Custom Alphanumeric Code as shown here:

Go deep into the iOS password preferences to give yourself a proper password.

Here, you'll be able to enter a new strong, complex password. Pick something with lowercase and uppercase letters and special characters. If you have a hard time remembering gibberish passwords like "Y91bgQ%$v*x", then just pick a lyric from your favorite song, poem or speech and use it as your new password. For example, you older rock 'n' roll fans might choose "SheLovesMe,YehYehYeh!" while you younger R&B fans might go with "BackThatAssUp!" or "YouShouldaPutARingOnIt." Whatever you choose, you'll be asked to re-enter your new password a second time, so pick something that you'll remember, including any punctuation. After clicking "Done," your iOS device will take 10 to 20 seconds to set the new password and re-encrypt your data.

For those of you who thrive on video tutorials, you're in luck! Here's a video I made to help walk you through the process:

You're welcome.

Set Stronger Face ID, TouchID Settings

On iOS devices with TouchID: Settings -> TouchID & Passcode. On iOS devices with Face ID: Settings -> Face ID & Passcode.

When it comes to TouchID, Face ID, and password enforcement on iOS, Apple (again, by default) doesn't apply the strongest settings to your iPhone. Most of us should change at least some of those settings. Navigate to your Passcode settings and manually enter the new, long, and complex device passcode that you just set up in the previous step. There, at the top, you should see a short list of TouchID or Face ID settings depending on which model iPhone you have. Bear in mind: these settings are only conveniences. For some of us, these conveniences are safe. Other users (and you know who you are) cannot afford to have their fingerprints or faces used as a password. For those interested in maximum security, deactivate each of these options as shown below: doing so will still grant you access to these features, only now they will require that you manually enter your password. Will this take you more time? Hells, yes. Is this much better security for you? Hells, yes.

Face ID settings (left) and TouchID settings (right) that you should consider deactivating.

Set Stronger Password and Lockscreen Settings

On iOS devices with TouchID: Settings -> TouchID & Passcode. On iOS devices with Face ID: Settings -> Face ID & Passcode.

Further down in this same setting, you'll find a bunch of preferences that we can better set to protect your iPhone. Scroll down through the password settings until you find the "Require Passcode" switch, as shown below, and set it to "Immediately". Next, deactivate most of the settings under "ALLOW ACCESS WHEN LOCKED". Having access to these features offers additional conveniences when your iPhone is locked. But, folks: if you can use Siri, send a text message or use your wallet while your iPhone is "locked" then you've got an unsafe definition of "locked". If I lose my iPhone, I don't want strangers using my digital wallet, nor sending text messages to my friends, family, and colleagues. Therefore, in my case, I've only allowed visual data and returning missed calls on my iPhone lock screen. The rest of it is deactivated as shown.

Lock. It. Down.

Lastly, I always recommend activating the "Mission Impossible" setting on your iPhone. While I'm not a spy (well, not yet!), this setting is very spy-like: once activated, it will erase your iPhone after 10 failed password attempts. Only, don't worry: an erased iPhone won't also self-destruct as it does for Agent Ethan Hunt.

Best Practices

Now that we've set up our hardware and software with our security and privacy in mind, we'll need to change our technology habits as well, friends. Why? Because even the most secure tech on the planet is vulnerable if people use it incorrectly. What follows, then, is a list of "best practices", or habits you should adopt to ensure you get the best privacy and security for your device.

Photo by Mark Duffel on Unsplash

Back Up Your Device Regularly

I'll say it again: your iPhone is your most trusted computer. All computers need to be backed up and your iPhone is no different. Have a plan in place to back up your iPhone manually, via a Lightning cable, or wirelessly, via the cloud. Use the answer to this question to determine how frequently you should back up your iPhone: how many days, weeks or months of data am I willing to lose? Then, set your backup schedule according to how you answer that question and encrypt your backups with a password using iTunes. For those backing up to iCloud, those backups are already encrypted by Apple. Just ensure you have enough storage there to handle those backups. For those of you asking why backing up your iPhone is even necessary, just go back and read the part about activating the "Mission Impossible" setting on your iPhone. Boy, that'd be a bummer if someone intentionally or accidentally erased your entire iPhone and you had no backup, right?

Right.

Update Your Device Regularly

I say "update", not "upgrade" because there's a difference:

  • When we upgrade our computers or smartphones, we're installing a newer release of the operating system onto our devices. For example, we upgrade from iOS 11 to iOS 12 and we upgrade from macOS High Sierra to macOS Mojave.
  • When we update our computers or smartphones, we're installing patches to our current release of the operating system. For example, we update from iOS 11 to iOS 11.1 and we update from macOS Sierra 10.12.5 to 10.12.6.

You should never upgrade your OS until the newest release has been proven to work near flawlessly. But you should almost always update your software when Apple releases patches because those make your computers and iOS devices more secure by providing patches, fixes, and corrections for previously unseen bugs and danger points.

Therefore, please download and install any updates to your iPhone on a regular basis.

Power Off Your iPhone when Entering Any Country

We spoke earlier about the ambiguity of the law in the United States. Any iPhone that's been powered off will, even if powered back on, require the manual entering of a device password. And that act, in some countries (including the United States), may mean the difference between a lawful search of your device and an unlawful search. Performing this act isn't something we do because we're criminals who have something to hide: it's something we do because we value privacy, security and living free from unlawful search in a democratic nation. Power off your phone before reaching US Customs or Border Control agents when returning home to the US at the end of a foreign trip.

Use Your VPN at All Times

I've written extensively about the need for using a quality VPN and how to pick the right provider. I personally use Nord VPN on my iPhone and Mac, but there are a handful of great companies from which to choose. Once you've made that investment, use your VPN all the time. Yes, seriously. Surfing on a cellular network in the US or Croatia? Use your VPN. Going online at a public Wi-Fi hotspot in Canada, Bangladesh or anywhere else in the world? Use your VPN. Sending some email? Use your VPN. Casually browsing online for items to purchase? Use your VPN. Playing "Words with Friends" or "Minecraft"? Use your VPN. Doing some online banking? Most certainly use your VPN. Are you catching a trend here?!? You've already paid to have a reputable VPN company provide you with a simple way to protect your privacy: so use it. It doesn't matter what you're doing with your iPhone, what network you're using while you do it or what country you're in: turn on and use your VPN at all times and for all reasons. The end. Period.

Don't Give Out Your Personal Information

I wrote an extensive article about this practice and can't recommend it more: make like a spy and classify yourself! Easily acquire secondary phone numbers, email addresses, and even mailing addresses. It takes about one hour of your time but will pay off in more cases than you can imagine. Then when non-essential people, services, websites, etc. require your "personal information", give them your secondary info. Amazon and the local grocery store don't need your personal or work email address to send you coupons, work colleagues don't need your cellphone number and very few people really need to know your physical address. Don't share your most critical and personal information online, or in person, unless it is 100% mandatory.

Don't Jailbreak Your iPhone

This one should be obvious, but I'm including it because some of you are adventurous souls. I get it: it's tempting to jailbreak your iPhone, especially if you're running an older version of iOS. Jailbreaking allows you to do cool things you'd otherwise never be able to do, but the truth is: it's not safe. Once your device is jailbroken, it's possible to install nonstandard apps coded by programmers who aren't vetted and approved by Apple. Yes, there are safe apps for your jailbroken device. The problem: unless you're an InfoSec expert, you'll never know for certain which apps are safe and which are dangerous. Malware affects iOS users and is sophisticated enough to steal your AppleID and password. Some malware can steal SMS messages, call logs, location data, photos, address books, and passwords from the iOS keychain and send them to operatives in the Chinese government. So, pretty please: don't jailbreak your phones. Not now. Not ever.

That's it, for now, folks, so surf safe! And make sure to let me know what works for you out there in the wild, wild webs. As always, I try to respond to every comment.
