Don’t Let Your iPhone Get Hacked: Never Jailbreak
The number one piece of advice for keeping hackers away from your iPhone is this: never jailbreak your device. Jailbreaking allows iPhone owners to access apps and software not available in the Apple ecosystem, but it also exposes your phone to viruses and other malware. Also, once you’ve jailbroken your iPhone, you’ve also voided your warranty, so you won’t be able to get help from Apple if something goes wrong with your device.
Keep Your Accounts Secure: Use iCloud Keychain to Generate Unique Passwords
The most serious vulnerability on your iPhone isn’t your iPhone itself, but the passwords used on your iPhone to access your data. If you use the same password on multiple websites or services, then you’re at risk. Hackers target websites and services that don’t seem like they would hold valuable information, like a forum that requires a login. When the hackers get in there, they harvest large lists of passwords. The hackers know that some of those same credentials will have been used in other, more important services, like iCloud. Next, they try all the usernames and passwords they got from the low-security service on iCloud and now and then, they get lucky.
Hackers usually aren’t after you personally, so anonymity isn’t a good defense. They may not even know your name. If they manage to penetrate a website that has a password of yours, and you used that same password with your Apple ID, they may get onto your iCloud account. They might place files on your iPhone with iCloud, see your photo stream, send emails using your accounts, or mine your personal data from your iCloud backups.
Fortunately, Apple has an easy-to-use solution in iCloud Keychain. This service generates secure passwords and stores them, so you don’t have to remember them, and so every password is unique.
For More Information about Apple’s iCloud Keychain:
- How to Enable iCloud Keychain
- How to Create and Remember Unique Passwords with iCloud Keychain
- How to Eliminate Duplicate Passwords with Apple’s Password Manager
- Keep Your Apple ID Safe from Hackers: Enable Two-Factor Authentication
If you use iCloud Keychain, you don’t have to worry about remembering your passwords, or about duplicate passwords. But there is a downside: anyone who gets into your iCloud account will have access to all your passwords! You have to make your Apple ID really, truly, secure. Use two-factor authentication, Apple’s latest failsafe. When two-factor authentication is enabled, you have to use a trusted device to log in to a new device. For example, say you got a new iPad. When you go to sign in with your Apple ID for the first time, your other trusted devices like your iPhone will receive a notification asking for approval. If allowed, your iPhone will display a verification code. Once you enter the verification code on your iPad, the device is approved. This feature works so well because anytime someone tries to log in to your Apple ID account, you’ll get a notification and have the ability to approve or deny the attempt. This feature requires iOS 9 or later and has been the default since iOS 11. To turn on two-factor authentication:
- Open the Settings app on your iPhone.
- Tap your name in the banner at the top.
- Select Password & Security.
- Tap Two-Factor Authentication.
Image credit: blackzheep / Shutterstock.com
A lot of iPhone users may be skeptical of this advice, but updating your iOS and iPadOS devices to the latest software is the absolute best way to make sure your devices are as protected from hackers as possible. That’s because, with each update, Apple improves security features and fixes any previously overlooked weak points that might allow hackers access. But, the first couple of weeks after an iOS release often reveal problems with the update itself. This is why I highly recommend you update iOS regularly on your phone, but not right away. A week or two is enough time for any major flaws or bugs to become apparent. When a new update comes out, wait two weeks, and then go for it. To update your device:
- Open the Settings app.
- Select General.
- Tap Software Update. If an iOS or iPadOS update is available, follow the prompts to download and install.
Keep the Data on Your iPhone Safe: Turn On Find My on Your iPhone
Image credit: aradaphotography / Shutterstock.com
This is a no-brainer. When Find My is turned on for your iPhone or iPad, you can see the location of your phone or tablet from any of your other devices or via iCloud.com. While it’s not recommended you personally track down an Apple device that’s fallen into the hands of a thief, the Find My app will allow you to find your iPhone or iPad if you lose it. However, that’s not why it’s recommended for protecting your device from hackers. The great thing about Find My is that if your device is stolen, you can remotely erase your device so that none of your personal information can be stolen too.
How to Turn Find My On:
- Open the Settings app.
- Tap your Apple ID at the top.
- Tap Find My.
- Tap Find My iPhone.
- Toggle Find My iPhone on.
- If you have the options, toggle on Enable Offline Finding, and Send Last Location. These allow your iPhone to be located in some cases, even if it is out of cell range, off, or out of battery.
How to Erase an iPhone That Has Been Stolen or Lost:
- Open the Find My app.
- Tap the Devices tab at the bottom of the screen.
- Tap the name of your iPhone in the list of devices.
- Scroll down to the bottom and tap Erase This Device.
Keep Your iPhone Safe from Hackers: Switch to a 6-Digit or Longer Device Passcode
Apple has made six-digit passcodes the default for a while now, but many users prefer to continue using a four-digit code or no code at all. While it may seem like an inconvenience to add two extra digits to your passcode, it’s worth the added security. Your device passcode should be unique and hard to guess. Nothing like 1111 or 123456! There are one thousand possible combinations of four numbers, and one million possible combinations of six. Pick something random. You’ll be entering it fairly often, so it should be easy to remember. If you’re really serious about having a secure passcode, you could consider setting an even longer passcode with both numbers and letters.
How to Change Your Device Passcode:
- Open the Settings app.
- Tap Face (or Touch) ID & Passcode.
- If you currently have a passcode, enter it, then select Change Passcode.
- When choosing a new passcode, select Passcode Options and tap Custom Numeric Code, or for even more security, Custom Alphanumeric Code.
Not really, but close enough. You can turn on a setting that will wipe your device clean after ten consecutive failed passcode attempts. I would only turn this setting on if you’re super concerned about some of the information you have on your phone, and you have automatic iCloud backups enabled. People with children should be careful, too, since ten failed attempts erases everything, and you’ll need to restore your phone from a backup. But, it is a fantastic security measure.
How to Turn On Erase Data:
- Open the Settings app.
- Select Touch ID (or Face ID) & Passcode.
- Scroll down and toggle on Erase Data.
Stay Away from Phishing Scams & Pop-Ups: Be Cautious Online, in Messages & When Opening Emails
A common way hackers can get to your iPhone is through malware links and scammy emails. You click a link in an email and, unbeknownst to you, the link installs software that gives the hacker access to your iPhone. A good rule of thumb is to only open things (links, messages, emails) from sources you trust. This means:
- If you’re browsing on the web, only open a link if you know where it’s going and know that the site it’s on is legitimate.
- If you receive text messages from unknown numbers, look at the message preview to see if it’s someone you know. If the message is strange, asks for something, or contains a link or other suspicious text, simply delete it.
- If an email contains a newsletter you haven’t signed up for, or if it has a link or attachment that you did not request, then delete it. Sometimes your friend’s email accounts can get hacked. Then the hacker sends emails to everyone they have addresses for. So I’m going to repeat this: never open an attachment or link from an email unless you specifically requested it, even if it is from someone you know.
- When entering information to a website, pay attention to make sure the website is legitimate.
Also, be wary of hackers and scammers posing as companies like PayPal and Apple. I’ve gotten fake PayPal emails in the past telling me I’d been locked out of my account and that I need to click somewhere and sign in. It looked completely legit. I clicked on the link, started to enter my info, and happened to look at the URL and see that it was a subtle variation of PayPal and not PayPal itself. Luckily, I caught it in time. Even though I’ve been on the internet since it started, those hackers almost got me. Stay vigilant, my friends.
Hacker Protection: Use an End-to-End Encryption Service
Did you know that it’s possible for hackers to spy on your messages and calls, track your location, and even intercept two-factor authentication codes if they know your telephone number? Signaling System Number 7 is part of the global network that connects our cellphones. This set of protocols enables cell phone service providers to send and receive information about calls and texts so they can properly bill their customers, but it comes with a price. Government entities and hackers can exploit SS7 to spy on literally anyone’s cell phone as long as they know their phone number, and the target won’t know it’s happening at all.
Although it’s highly unlikely that anyone would use SS7 to hack your iPhone, it’s good to know it’s a possibility so you can protect your privacy. Download and use an end-to-end encryption app such as Signal to send and receive calls and messages to keep all your communications private, especially if you need to share something important. As an additional security safeguard, you can use a secure Wi-Fi network rather than your carrier to send and receive calls and messages.
Keep Your iCloud Account Safe: Change Your Apple ID Password Regularly
As noted above, but worth saying again and again: your Apple ID is incredibly important to your iPhone’s overall security. It’s the one password to rule them all. If your Apple ID is compromised, the hacker will have access to your iCloud, your iCloud keychain, your everything. Regularly changing your Apple ID password adds an additional level of security: it ensures that even if a hacker got ahold of your password, it won’t be valid for long. I recommend creating a new Apple ID password every six months. If you have two-factor authentication enabled, you can change your Apple ID password right on your device. To do so:
- Open the Settings app.
- Tap your Apple ID at the top.
- Select Password & Security.
- Tap Change Password.
- You’ll be asked to enter your iPhone Passcode.
Hacking Apps for iPhone: Keep Your Device Free from Tracking Apps
There’s a set of app developers constantly working to develop hacking apps to sell the public. They’re usually disguised as an app with a different feature set; you download it for free, and it starts doing things behind the scenes that you wouldn’t want. iPhones don’t need to be jailbroken for these to work; although it’s much easier to install a spying app on a jailbroken phone, it’s possible to use one on a device with factory settings as well. Apple’s App Store is always on the lookout for these illicit apps, but they can sneak through the cracks. Try to use apps from reputable companies with lots of reviews, and only apps that have been updated recently.
Image credit: Impact Photography / Shutterstock.com
Public Wi-Fi is one of the easiest ways to get hacked since the network is inherently less secure. For paying bills, logging into accounts, and other private activity, it’s highly recommended you use a closed Wi-Fi network, like the one you have set up at home. A lot of people need to use public Wi-Fi as they do the majority of their work in cafes. If that’s you, consider using a Virtual Private Network (VPN), which will create a private security net around your internet activity.
Stop iPhone Data Theft: Only Use Trusted Charging Stations
In the last few years, you may have noticed the charging stations popping up in airports, cafes, and other public places. While these stations are designed to be convenient for our modern lives, they aren’t guaranteed to be secure. Lightning cables work for transmitting data as well as charging, so clever hackers will create false “charging ports” in public places that, in addition to supplying power, try to access your iPhone’s data. What’s more, once your iPhone has paired via charging cable to a juice-jacking charging station, your device can be wirelessly accessed at any time without your knowledge, as long as the hacker is within range of your wireless network. The easiest way around this is to keep a small battery pack with you to charge your devices when they’re low. That way, everything is charged at home, and you have extra power on-the-go. You can also buy a data-blocking charging cable to use while out and about, though I haven’t been able to find an Apple certified one. If you find one, please link to it in the comments! As a third option, turn on your iPhone’s Lock screen and then don’t use the phone while it’s charging at the public station; this way, your data is secured while your device charges.
Keep Your iPhone Secure: How to Disable Siri on Your Lock Screen
Image credit: Lacey Williams / Unsplash.com
I hesitated to include disabling Siri on your Lock screen. Partially because it’s a feature I use often and therefore wouldn’t turn off myself, partially because it’s more of a long-shot that someone would hack your iPhone with Siri. However, over the years, there have been instances of someone being able to access private information by using Siri and finding a loophole in the iPhone’s security. Of course, every time one of these loopholes is discovered, Apple fixes it in the next update. But if you’re concerned with someone bypassing your iPhone’s Lock screen, it’s a good final measure to implement.
If you’re more concerned about remote hacking, this tip won’t matter as much to you. But if you’re worried about someone picking up your phone and finding their way in, turning off Siri on your Lock screen is the way to make sure they’ll need your passcode to get in.
How to Disable Siri on Your Lock Screen:
- Open the Settings app.
- Select Siri & Search.
- Toggle off Allow Siri When Locked.
For more tutorials about how to use your iPhone and other Apple devices, check out our free Tip of the Day.
Top Image Credit: REDPIXEL.PL / Shutterstock.com