10 Ways To Make Your iPhone More Secure

Here are some tips to make your iPhone more secure. In addition to using a long and random passcode, you can also prevent others from accessing your data in various ways if you select the right settings now.
You can also watch this video at YouTube.
Watch more videos about related subjects: iPhone (330 videos), Security (130 videos).

Video Transcript

Hi, this is Gary with MacMost.com. Today let's look at ten ways to make your iPhone more secure.
MacMost is brought to you thanks to a great group of more than 750 supporters. Go to MacMost.com/patreon. There you could read more about the Patreon Campaign. Join us and get exclusive content and course discounts.
So you carry your iPhone with you everywhere. It's probably your most vulnerable of all of your devices. At any moment you could loose it or have it stolen. So how do you make it as secure as possible. Well, your first line of defense from anybody getting access to the stuff on your iPhone is your passcode. If you have a four digit passcode that's pretty weak security. Go into the Settings app and then go down to Passcode. It could be called Touch ID & Passcode or Face ID & Passcode depending upon which model of phone you have. Go into there and you'll have to Authenticate by entering in your current passcode. Then you could set a new one right here. You'll have to Authenticate again and then you can enter your new passcode. Now here's where you want to look for this Passcode Options button. Tap that and now you can choose to have a four digit numeric code, which you should never use today, or a custom numeric code. With a custom code you can make it as long as you want. Six digits is better but going more than that is even better. If somebody is going to try to break into your phone they're probably going to assume six digits since that's pretty common. Make it seven or even eight or nine digits long. This makes the levels of magnitude harder to guess your passcode. Better yet, choose Custom Alpha Numeric code. Then you get to enter in using the Alpha Numeric keyboard. So you basically can setup a password instead of a passcode or even a longer phrase. 
Now also you want to avoid passcodes that can easily be guessed. Things that represent dates for instance can be easily guessed. So if it looks like a year and a month or a month and a day try to avoid that. As a matter of fact the best thing to do is to get a random number and use that instead so the number can't be guessed by somebody that knows you and knows numbers that you might typically use. Also make it unique. Don't use the passcode anywhere else because if your passcode is compromised somewhere else, like a pin number for another service, then they could take that pin number and then use that to get into your phone.
Now there's another pin number that you need to set on your phone and it has to do with the Sim card that's in your phone. So somebody could theoretically pull the Sim card out of your phone, put it in another device, and while not accessing the stuff on your phone could access stuff having to do with your mobile phone account. So go into Cellular and there look for Sim PIN. Go in there and turn that on and set it to something random but of course make sure you record that in your Password Manager or write it down somewhere so you have it. For more information checkout this page at the Apple site.
Now it doesn't make sense to even pay attention to any of the tips I'm going to give here unless you follow the next one which is to use Two-Factor authentication for your iCloud account. Your iCloud account is tied into your iPhone in so many different ways so we want to make sure that that's protected. Otherwise somebody can get access to your information and they don't even physically have access to your phone. So, in your iCloud Settings go to Password & Security and in there make sure you have Two-Factor authentication turned on. Most Apple users do now as there is a lot of things you can't do unless you're using Two-Factor. But if you haven't yet gone over to Two-Factor of your iCloud account then forget all the rest of these tips and take care of that now. Here's more information from Apple.
Now while your iPhone may be secure your connection to the internet may not be. One of the easiest ways for you to be compromised there is to be using a non-trusted Wi-Fi source. So in other words you're somewhere using somebody else's Wi-Fi and either they're looking at your data as it goes through their Wi-Fi network or maybe they're not even doing it. The Wi-Fi equipment has been compromised itself. So you want to make sure you go to Wi-Fi and then turn off Auto-Join Hotspot. Or at least set it to Ask To Join. Then try to avoid using other people's Wi-Fi unless you actually trust them. Like, for instance, your Wi-Fi at home or the Wi-Fi at work or at school. 
Now it's not really possible to be compromised by an app that you install because the App Store is pretty locked down by Apple. But if that's going to happen it's going to happen by that app installing some sort of profile. A profile gives the app a higher level of access to your system than just having the app installed by itself. To check whether or not you've allowed any apps to install profiles go into General and then go down here and look to see if there's an entry right around here for profiles or profile device management or things like that. It's usually just before the settings for VPN. I don't have any installed here but if I did have one, like say a beta test profile from Apple, it would appear right here. I can then tap on it, just like I can with VPN, and see what I have installed and remove anything. So if you see something that's there listed as a profile, you go into it. If you don't know what it is research it right away and figure out what's going on. Delete it if you need to.
Now if your iPhone does get stolen one of your best lines of defense is to basically disable it. Wipe it remotely. But to do that you have to set things up first. You have to be proactive. So go into your iCloud settings here. Then look for Find My. Go in there and make sure Find My iPhone is turned on. If that's turned on and you iPhone is stolen you can now go to iCloud.com. Go to Find My iPhone there. From there remotely wipe your iPhone. 
Let's go back to looking at Passcode Options. One thing you want to pay attention to is the Require Passcode Setting. It should be logged Immediately but depending upon other settings you may have it may not be. Make sure you have it set to Immediately. Otherwise you can lock your phone and somebody can then take it and still get access to things without a passcode for a  period of time. Another setting to look for is here at the bottom and it's USB Accessories. You can see I have that turned off. Basically with this turned off if somebody connects something to the lightening port on your iPhone it has to be unlocked to get access to that device. One of the main ways that somebody can break into an iPhone is to take it, hook it up to a piece of hardware that installs software on the iPhone. But with this turned off it can't install that software until the phone is unlocked. Now also you want to look at all these settings up here. You can see what is available on the Lock screen. So your phone is in Lock but these things can still be accessed. For instance, Siri can still be asked some questions. Control Center can be brought up. Wallet can be brought up. Now all of these have uses on the Lock Screen. So you may want to have them on. But you definitely want to think about all of these in terms of security. If you want to setup your phone for high security you may want to disable many of them. For instance, with Notification Center on somebody who has your phone maybe able to see Notifications that have private information on them even though your phone is still locked. Reply with Message may allow somebody who sees a message coming in to send back a canned response making it look like everything is okay even though they have actually taken your iPhone from you.
Now look at these settings here at the bottom Erase Data. If you turn this on and enable it what will happen is if there are ten wrong tries of a passcode then all the data on your iPhone will be erased. Now this is important because without this turned on it means that somebody could basically keep trying different passcodes until they guess the right one. If there's a machine that's doing that it could just keep going and keep going until it gets the right passcode. But with this enabled it means it only gets ten tries which is pretty useless if you're using a good strong passcode. It's never going to guess it in the first ten tries. The phone will be erased and all your data will be safe.
So here's one last tip. That's to force your iPhone into a mode with a passcode is required. You have an iPhone that either has Touch ID or Face ID which is really convenient for you to be able to get quick access to your phone without having to keep entering in the passcode every time. But there are some far fetched scenarios where somebody could force you to use Face ID or Touch ID to unlock your phone. To disable that all you need to to is quickly go to the mode where you're basically trying to turn off your phone but you don't need to turn it off. So, for instance, on some older phones it may be just holding the side button for a few seconds until it gets into that mode. On newer phones you hold the side button and either the volume up or volume down for a second or so and it will go into that mode. Then watch what happens. You can see it goes to Slide to Power Off mode. If I cancel now, and you can see if I try to use Touch ID it says your passcode is required to enable Touch ID. So I've set it up in that mode. So if you feel you're in a situation where you really want to secure your iPhone just in that moment do this. Try it out now. Practice it so you know how to do it. That way you know how to quickly secure your iPhone and require a passcode if the need arises. 
So there are various different ways to increase the security of your iPhone. Some of these are a little more extreme than others. But if you do nothing else at least turn on Find My iPhone. Use Two-Factor authentication and have a decent random passcode for your iPhone.  

Comments: 11 Comments

    John Bianca
    5 years ago

    Are you sure that apple support address is correct for setting the SIM passcode?

    J
    5 years ago

    OK, the SIM passcode Apple address works. For some reason (bad typing?) it did not work for me a few times.

    J
    5 years ago

    My carrier (Spectrum) says they don't allow putting a passcode on their SIM card. The person I talked to at Spectrum was rather rude & kept cutting me off as I tried to explain that it seems my iPhone XR has a setting to do this as presented in your video. I called Spectrum because I had tried to enter a SIM passcode & the phone gave me a message it was an invalid entry. It also said I had two chances left. That's when I called Spectrum and got stonewalled by them.

    5 years ago

    J: I wouldn't worry about it too much. If I ranked these in importance, I would put a SIM card passcode way at the bottom.

    J
    5 years ago

    Thanks!

    Philip
    5 years ago

    Hi Gary,
    I tried to enter a SIM passcode per your instructions on my iPhone 12 Pro using iOS 14.1 with a Verizon SIM card but my phone didn’t accept this and started counting down the number of attempts it would allow displaying the message that I only have just 2 attempts left. I am worried about proceeding with this SIM passcode procedure. Your advice?
    Thanks, Philip

    5 years ago

    Philip: Don't worry too much about it. Most people don't have it set, so it Verizon doesn't want you to, then it isn't that important for most people.

    Philip
    5 years ago

    Hi again, Gary –
    Thanks for your reply above.
    One quick additional question, please:
    If I enable the “Erase Data” (after 10 failed passcode attempts) feature, does that denote 10 cumulative failed attempts over the life of the phone while I’m the registered owner, or does it denote 10 failed attempts within a shorter time frame (e.g, 5 min., 1 hour, 1 day, etc.)?

    5 years ago

    Philip: It is 10 attempts in a row.

    Pam
    5 years ago

    Hi Gary,
    I appreciate your MacMost tips. I listened to your 10 tips for security for my iphone SE. I went and turned ON SIM PIN. However, now I cannot use my phone. I did write down a code as you suggested before turning on the SIM PIN. but it does not work. I am LOCKED OUT of using my iphone right now. What do I do?

    5 years ago

    Pam: You'll need to call your mobile phone provider. They are the only ones who can help.

Comments are closed for this post.