@dougbacelar
Last active April 19, 2024 04:55
general security tips for iOS devices

find my

The Find My app helps you locate and control your devices remotely.

  1. turn on the Find My iPhone setting. This will allow you to remotely lock, erase and locate your device.
  2. turn on the Find My network option. This setting enables you to find your phone even if it does not have internet access or has been turned off. It uses Bluetooth to ping its location to other nearby devices.
  3. turn on Send Last Location to send the phone's location to Apple before it runs out of battery.

turn off access when locked

Turn off access to multiple features when your phone is locked. It is best to turn off access to everything, but the most important ones are Control Center and Siri, as they can be used to put your phone in airplane mode, for example.

face id

Turn on Face ID and use it whenever you go out. Avoid typing your passcode when in public or near cameras. If someone has access to your phone and knows your passcode, they can potentially lock you out of your Apple ID account forever. It is also a good idea to turn on Require Attention for Face ID to prevent your phone from being unlocked unexpectedly.

passcode

Use an alphanumeric passcode. This will increase the difficulty of a brute-force attack and prevent someone from learning your passcode by watching you type it. It is also good practice to avoid typing your passcode in public. Finally, you can consider reducing the Auto-Lock time to 30 seconds or 1 minute.

software updates

Turn on automatic install of Security Responses to receive security patches. However, you might want to turn off automatic installs of iOS updates and only install when you think the new version looks stable.

stolen device protection

Turn on the Stolen Device Protection feature to prevent someone from locking you out of your Apple ID account after stealing your device. With this feature on, you need to wait for one hour before you can change phone settings, which gives you some time to go to Find My and lock your device after it has been stolen.

advanced settings (optional)

If you want to go even further, you can consider the options below. However, they come with many tradeoffs that have to be taken into account, and they are probably not worth it for most people.

  1. advanced data protection
  2. lockdown mode

before first unlock (BFU)

iPhone states can be divided into two: BFU and AFU (after first unlock). After an iPhone is unlocked for the first time, encryption keys are loaded into memory and more data becomes accessible. Because of that, the AFU state is much less secure than BFU. If you believe your device is about to be stolen, it is a good idea to preemptively put it into BFU by holding the power button (right) and the volume up button (left). Once the power-off screen is shown, the phone is put into the BFU state and requires a passcode for unlocking.

what to do if your phone was stolen

  1. visit https://icloud.com/find/
  2. mark your device as lost
    • do not include contact details as the criminal can contact you with threats
  3. erase the device
  4. keep the device in your iCloud account; failing to do so will allow the criminal to sell the stolen device for a premium.
    • as long as the stolen device is linked to your account, the device will remain unusable. It can only be sold for parts
  5. take the serial number and IMEI (they can be found on the back of the iPhone box) and report the device as stolen to the police and to your carrier.
    • your carrier will be able to block the IMEI and the phone won't be able to be associated with a carrier again in the same country

what to do if your phone was lost

  1. visit https://icloud.com/find/
  2. mark your device as lost
    • include a message and a phone number so the person that finds it can contact you
  3. erase the device
  4. keep the device in your iCloud account