Simple Steps To Harden Your iPhone

The iPhone is the most popular phone in America and Apple does a great job of maintaining secure software. Many people purchase the iPhone and stick with the default security features. Our phones are everything, they hold all of our pictures, messages, financial information and the keys to our social media and email accounts. With all this sensitive data in one spot there’s really no excuse for sticking with the default level of security that comes with the iPhone. Especially when upgrading your iPhone’s security is pretty trivial and requires no technical experience.

Step 1: Use A Strong Alphanumeric Password

The default 6 digit pin that unlocks your iPhone is no bueno, especially when most people use combinations like their own or their kids birthday. A brute force attack can guess these 6 digits in a matter of days. In order to protect yourself against brute force attacks I recommend that you use an alphanumeric code. Instructions for changing your digit password to an alphanumeric one can be found here.

When choosing a password for your phone keep in mind these 5 simple rules:

1. Don’t ever reuse passwords
2. Don’t make your password something guessable ie. birthday, dog name, favorite sports team, kids initials etc.
3. Don’t store your password on other electronic devices
4. Use a combination of symbols, numbers and upper/lower case letters
5. Make your password length as long as possible, ideally greater than 18 characters.

Step 2: Use Biometric MFA

There was a lot of controversy when Apple rolled out the Touch ID on the iPhone, many people feared it to be an Orwellian measure but this really is one of the best ways to keep your phone safe. By no means is this measure perfect but it can give you a little more piece of mind by placing one more obstacle in front of attackers. Instructions for enabling the Touch ID can be found here.

Step 3: Enable Wiping After Failed Authentication

During a Brute Force attempt an attacker is guessing passwords over and over again, there are even special machines that can do this for months on end. Unless your password is hundreds of characters long and composed of pseudo random characters it’s only a matter of time before an attacker gets into your iPhone.

Luckily the iPhone comes with an automatic wiping feature that will destroy all data on your phone after a number of failed authentication attempts. Let me be clear this will DESTROY EVERYTHING on your phone after 10 failed login attempts so BE CAREFUL. I don’t recommend using this feature if you have kids because they could grab your phone and wipe it by accident. The instructions for enabling wiping can be found here.https://help.apple.com/iphone/9/#/iph14a867ae

Apple also offers manual remote wiping.

Step 4: Change your Borwser and Search Engine

Google does a lot of great stuff but targeted advertising is out right creepy and data manipulation by search engines and social media companies is causing mass psychosis and political upheaval. Saving the world might be as simple as using an ethical search engine. You can find the instructions for changing your default search engine can be found here.

Step 5: Use Encrypted Messaging

Every message you sent can be seen by anyone at anytime unless it is protected with encryption. In case your unfamiliar encryption is just a way of scrambling data in order to protect the information. I recommend using the Signal for encrypted messaging. It’s an open source application who’s mission is to enable the world to speak freely. It’s protocol is of late the gold standard for encrypted messaging. You don’t need to do anything to configure the app, just download it and start speaking freely !

Let me know if you’ve got any cool tricks for hardening you personal security in the comments. Thanks for reading !

Corey’s Corner Podcast: https://anchor.fm/coreys-corner
Learn To Code: https://www.youtube.com/channel/UCfd8A1xfzqk7veapUhe8hLQ