iPhone Privacy Checklist | Tighten All Your iPhone’s Privacy Settings (2024 Edition)

We carry a lot of data on our iPhone. From our most personal memories to our banking information to which restaurants we love, which we don’t want others to gain access to.

While iOS is great at keeping our data secure, it’s a good idea every so often to take the time to check that everything is good and secure. In addition, threats are always evolving and adjusting based on our habits.

Enable Find My iPhone

Find My iPhone is a free service provided by Apple that allows users to track and remotely lock or erase an iDevice. Despite the name, this service also works with iPad and iPod Touch devices. A free iCloud account is required to use this service.

If a device is lost or stolen, having this service enabled may allow the owner to find and recover the device with the assistance of the University Police Department (UTPD). Even if recovery of the device isn’t possible, the ability to remotely erase may protect any sensitive data that was stored on it. With iOS7 Apple introduced Activation Lock, so enabling Find My iPhone now also prevents someone from erasing and restoring a device without entering the iCloud username and password associated with it.

To enable Find My iPhone:

1. Tap Settings.
2. Tap iCloud.
3. Enter your iCloud username and password if not already configured.
4. Turn on Find My iPhone.
5. Tap OK.

Require A Passcode Or Password

Setting a passcode prevents casual unauthorized access to a device. A passcode is also required in order to enable Data Protection and take full advantage of the encrypted storage of all recent iOS devices.

To configure a passcode:

1. Tap Settings.
2. Tap General.
3. Tap Passcode Lock.
4. Tap Turn Passcode On
5. Enter a passcode and then tap Next
6. Enter the same passcode and tap Next again.

In addition to the default 4 digit passcode, Apple also supports the use of numeric passcodes greater than 4 digits and regular alphanumeric passwords.

Since a 4 digit passcode only has a maximum of 10,000 possible combinations, we recommend that users select a longer passcode or a password when possible. iOS will present the standard numeric keypad for entry regardless of the length of a passcode, so long as the passcode consists only of numbers. For high-security applications, it is recommended that a standard alphanumeric password be used instead of a passcode.

To configure a complex passcode or password:

1. Tap Settings.
2. Tap General.
3. Tap Passcode Lock.
4. Enter the current passcode if configured.
5. Turn off Simple Passcode.
6. Enter current passcode when prompted.
7. Enter a new, longer passcode or a password and tap Next.
8. Enter the new passcode or password again and tap Next.

Enable TouchID With A Complex Password

If the device supports TouchID (iPhone 5S and newer), configure a complex password (8 characters minimum with letters, numbers, and symbols) and enable TouchID. TouchID will allow you to authenticate to the phone without having to type in the password except when the phone is first turned on or when you have not authenticated to the phone via TouchID in more than 48 hours.

Using a complex password instead of a passcode makes brute force attacks significantly harder and more time consuming, protecting the data on the phone better (the standard 4 digit passcode is defeatable in under 3 minutes). While TouchID is not perfect, this combination still represents better security than a simple passcode alone.

Set Auto-Lock Timeout

This option automatically locks the device after it has been inactive for the specified amount of time.

To enable the auto-lock timeout:

1. Tap Settings. 
2. Tap General. 
3. Tap Auto-Lock. 
4. Tap “2 Minutes” or one of the other values.  Lower values are more secure.

Disable Grace Period For Screen Lock

The grace period allows the device to be unlocked after auto-locking without providing an unlock code.  Setting a value of “Immediately” will require the passcode to be entered regardless of when the device was last locked.

To disable the grace period for screen lock:

1. Tap Settings. 
2. Tap General. 
3. Tap Passcode Lock. 
4. Tap Require Passcode. 
5. Tap Immediately.

Erase Data Upon Excessive Passcode Failures

Devices can be configured to automatically erase user settings and data after ten passcode failures.  As excessive passcode failures typically indicate the device is out of your physical control, enabling this may protect the confidentiality of information stored on the device.

To enable this option:

1. Tap Settings.
2. Tap General.
3. Tap Passcode Lock.
4. Enter the current passcode when prompted and tap Done.
5. Turn on Erase Data.
6. Tap Enable.

Enable Data Protection

With devices that support hardware encryption (iPhone 3GS and later, iPod Touch 3rd gen and later, and all iPads), iOS 4 and above allow applications to use an encryption key derived from your passcode to protect application data.  Enabling this feature is as simple as setting a passcode on the device.

To verify that data protection is enabled: 
1. Tap Settings. 
2. Tap General. 
3. Tap Passcode. 
4. “Data protection is enabled” should be displayed at the bottom of the screen.

Disable AutoFill For Sensitive Information

AutoFill will remember information entered into forms and then automatically fill in this information in matching fields on later forms. While this may be convenient, it also may result in the storage of sensitive information locally on the device.

Additionally, automatically filling in fields on web forms could result in unintentional disclosure of sensitive data to unauthorized people. It is strongly recommended that, at a minimum, the storage of Credit Cards be disabled.

To Disable AutoFill:

1. Tap Settings.
2. Tap Safari.
3. Tap Passwords & AutoFill.
4. Deselect the categories of information you do not want to be saved and automatically filled in.

Turn On Do Not Track

The Do Not Track option instructs Safari to send a specific header in web requests that indicates the your preference not to be tracked by the websites you visit. Many sites have opted to honor this preference so there is some small privacy benefit from enabling it.

It is important to note, however, that this feature is strictly voluntary and web sites are under no obligation to honor it. There are no guarantees that any specific web site will now, or, in the future, continue to, obey this header.

To Turn On Do Not Track:

1. Tap Settings.
2. Tap Safari.
3. Turn on Do Not Track.

Turn Off Ask To Join Networks

By default, iOS devices will prompt you to join an unknown network, if any are detected, when no networks that have previously been connected to are available. The issue is that anyone can run a wireless hotspot and, joining a poorly configured or insecure network could allow a malicious user on that same network to intercept, capture, and alter any network traffic sent by a user.

In fact, many attackers will intentionally run wireless networks in popular, crowded areas, like airports and coffee shops, hoping to lure unsuspecting users into connecting. If this feature is disabled, you must manually select a wireless network to join from a list of detected available networks. This may reduce the risk of inadvertently joining a similarly named yet untrusted network (e.g. “default” instead of “default”).

To Disable Ask to Join Networks:

1. Tap Settings.
2. Tap Wi-Fi.
3. Turn off “Ask to Join Networks”.

Turn Off AirDrop When Not In Use

AirDrop is a service that provides a very simple and easy way to transfer files and information between iOS devices. As with all such services, it is safer to have it enabled only when it is actively being used and you are expecting to transfer or receive files.

To Turn AirDrop off:

1. Open the Control Center by swiping up from the bottom of the iOS 7 screen.
2. Tap AirDrop.
3. Tap Off.

Turn Off Bluetooth When Not In Use

Disabling Bluetooth reduces the remote attack surface of devices and may also prevent you from unintentionally connecting to unknown Bluetooth services and devices. Bluetooth should be enabled only when it is actively being used.

To Turn off Bluetooth:

1. Tap Settings.
2. Tap Bluetooth.
3. Turn off Bluetooth.

Turn Off Personal Hotspot When Not In Use

The Personal Hotspot feature allows devices with cellular data connections to share their network connectivity with other devices over Bluetooth, Wi-Fi, or USB. This feature should be disabled when not in use to prevent unauthorized usage and reduce the remote attack surface of the device.

To Turn Off Personal Hotspot:

1. Tap Settings.
2. Tap Cellular.
3. Tap Personal Hotspot.
4. Turn off Personal Hotspot.

Disable Access To Control Center On Lock Screen

The Control Center allows users to quickly access certain frequently used settings and applications without having to unlock the device. Almost immediately after the release of iOS 7, a vulnerability was found in this feature that allowed anyone with physical access to the device to bypass the lock screen and access a significant amount of potentially sensitive data on a device.

While this specific flaw was fixed with iOS 7.0.2, the nature of the Control Center and the applications it grants access to both make it a valuable target for attackers. Disabling access to the Control Center from the Lock Screen could help mitigate any future bypass exploits that are found. The Control Center is still available with this setting, the device just has to be unlocked first.

To Disable The Control Center from the Lock Screen:

1. Tap Settings.
2. Tap Control Center.
3. Turn off Access on Lock Screen.

These security settings are proactive in nature but are intended for devices where there exists a very high need for security, as they may negatively impact the user experience and interfere with the functionality and utility of many applications.