#PSA: How To Lock Down Your iPhone

These days, you cannot take security for granted. And that includes locking down your iPhone from people who would want to get some of your personal information. If you want an example of how easy it is to get personal information from a locked iPhone, try these Siri commands with a random iPhone that is locked:

  • Siri, who am I
  • Siri, navigate me to home
  • Siri, show me my recent calls

What you’ll see is that the contact card belonging to the owner of the phone will appear. Plus Siri will route you to the address of the owner of the iPhone. Finally, you’ll see the last call that was made from the phone. And you get all of this while the phone is locked. That’s not good. What’s worse is that this is how the iPhone is set up by default which is a bit of a #fail from a company that values privacy. I’ll also add that the Today View, Apple Wallet, notifications as well as control center are also exposed for anyone to see by default on the iPhone. Any of those could expose personal information, and having the control center available could be leveraged to disable the phone’s ability to connect to cellular networks if it is stolen. Which means that you won’t be able to find it or remote erase it using iCloud. For those reasons, I suggest that you take the time to lock down your iPhone. I will admit that by doing so you take away some convenience, but you will make your phone a lot more secure. Here’s what I would suggest that everyone disable:

  1. Go to Settings
  2. Go to Touch ID & Passcode
  3. Enter your passcode
  4. Disable the following:
    1. Today View
    2. Siri
    3. Reply With Message
    4. Home Control
    5. Wallet
  5. Now go back one level and go to Control Center
  6. Disable “Access On Lock Screen”

By doing all of that, it will take away most of the ways that your personal information can leak out. For bonus points, you may want to consider disabling Notifications View under Touch ID & Passcode. I didn’t do that as I find that it is handy for me to have notifications from my various apps pop up on the screen. But if there’s info from those notifications that you don’t want a third party to see, it is worth considering whether you should disable it or not.

The next thing that I suggest that you do is not only improve your passcode, but set your phone to self destruct. I’ll start with the former. Most people use 4 digit passcodes which means that there are 9999 possible combinations. That sounds like a lot, but it really isn’t. Someone with a lot of time on their hands, like a border agent for example, will take the time to crack the passcode. Thus try using a 6 digit passcode or better yet an alphanumeric code for improved security. Now to the part about self destructing the phone. No, you cannot set the phone to self destruct in 5 seconds like they do in Mission Impossible. But iPhones do have a feature that erases the data on the phone after 10 failed passcode attempts. You can enable it  like this:

  1. Go to Settings
  2. Go to Touch ID & Passcode
  3. Enter your passcode
  4. Enable “Erase Data”

Now, you don’t want to enable this unless you back up your iPhone on a regular basis using iTunes. But in my case, I use iCloud Backup which automatically backs up my phone is plugged in, locked, and connected to WiFi. That means that I always have a backup that I can fall back on should the need arise and I can get my phone back to a working state anywhere. Not to mention set up a new phone with the same settings if I have to. Here’s how you set it up (This is assuming that you have set up iCloud before hand. If not, you should create an iCloud account as it is free to do so and it gives you 5GB of storage):

  1. Go to settings
  2. Go to iCloud
  3. Go to Backup
  4. Enable iCloud Backup

One thing to note is that it will only backup your health data, accounts, and phone configuration info. It does not backup music, apps or pictures. But music and apps are easy to restore from your computer using iTunes on your Mac or PC. Ditto for photos if you’re not using something like iCloud Photo Library which keeps your photos in the cloud.

Full disclosure: I use a 4 digit non-obvious passcode (in other words, one that isn’t easily guessed or is tied to anything else in my life) and I have the iPhone set to erase data. My logic is that this configuration will keep my data away from prying eyes because the phone will erase itself after 10 failed passcode attempts. This is on top of the fact that I use Touch ID to unlock the phone which means I am not entering the passcode most of the time. But you have to decide how paranoid you want to be on this front and what steps you’re willing to take to protect yourself.

Now, all of this sounds like a fair amount of work. But I ran through this and it took me 20 minutes to set all of this up. In my mind, that’s a good investment of time to make sure that your phone is locked down and doesn’t reveal personal information about you should it fall into the wrong hands. Thus it is something that every iPhone user should do.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: