(1) Install a password manager
I recommend “Bitwarden” as your password manager. You can currently install it via Apple Store. Reasons for the recommendation and an alternative can be found in the CloudPirat Privacy Toolbox.
(2) Secure your Apple ID
Use a really secure password or password phrase for your AppleID. Bitwarden can do the job for you. Also write down the new password on a separate, empty tab.
Settings -> AppleID / Password & Security / Password or Change Password
Activate the “two-factor authentication”. In case of logins or unusual changes, Apple will ask for security on an alternative, trusted device or channel.
Settings -> AppleID / Password & Security / Two-Factor Authentication
Turn on “Two-Factor Authentication”
(3) Configure Face ID and Passcode
Set a secure passcode
Settings -> Face ID & Code / Enable Code
Enter a 6-digit randomly generated numeric code. Bitwarden can generate the code for you. Write down the code in Bitwarden and on another separate blank tab.
Alternatively, you can choose an even more secure alphanumeric code via Code Options.
Do not use your FaceID or fingerprint to unlock your phone
Settings -> Face ID & Passcode / USE FACE ID FOOR
Turn off “Unlock iPhone”
This means to log in you have to enter the passcode. Other apps and services are welcome to use FaceID after logging in via passcode.
Restrict notifications in locked state
When your iPhone is locked, no messages or call notifications should pop up on the lock screen. Only when unlocked should notifications of any kind be visible.
Settings -> Face ID & Passcode / ALLOW ACCESS WHEN LOCKED
Turn off all displayed functions.
Erase iPhone after 10 failed login attempts.
If the iPhone falls into strange hands, all data will be deleted after 10 failed login attempts.
Settings -> Face ID & Passcode / Erase data
Turn on “Erase data”
(4) Use apps that are your friends
From the CloudPirat Privacy Toolbox, I recommend the following apps or providers for your iPhone. The apps are almost all open source, the providers are trustworthy and work without tracking you.
Password Manager – As I said, it is very important that you create an individual password or password phrase for all your passwords and accounts. For this I recommend Bitwarden. With Bitwarden you can synchronize all your accounts and passwords with other devices.
VPN – Install Mullvad. It protects you from advertisements and trackers, malware. Configure Mullvad so that it is always active. Read also my article about VPN’s in everyday life.
Internet Browser – I recommend Brave as your default browser. Settings and bookmarks can be encrypted and synchronized with Brave browsers on other devices.
Search Engine – Use Brave-Search as default.
Messenger – Use Signal as messenger
Video conferencing – Jitsi-Meet or just Signal
Navigation – Looking for a navigation app that doesn’t store your locations for eternity? For that I recommend OSMandMaps. The app also lets you download maps to your iPhone for offline use.
Email – the default email app on the iPhone offers some email privacy. What you need is a trusted email service provider. I recommend Mailbox.org from Berlin. There you can set up email, contacts and calendar and synchronize them with all your (mobile) devices.
Newsfeed – Instead of saving a web link from each news channel or even installing an extra app, you could install an RSS reader. The reader collects news from “your” agencies for you and you get a quick overview of what’s going on. For iPhone, Mac and iPad I recommend NetNewsWire (free and open source).
(5) Siri and the Search Settings
Siri is much more than just a harmless voice assistant. It is part of Apple’s personalization system. An AI-powered system which tracks how we use our iPhone. Siri’s suggestions are based on what she knows about us. Siri can also, for example, search your private notebook or dig around in your password manager. Because she wants to learn something about us :wink:. And this knowledge is then most likely on a server in California.
Disable general settings
Settings -> Siri and Search
Turn off all switches
Disable Siri settings per single app
Settings -> Siri and Search / [for each app].
Turn off all switches
(6) Configure Notifications
In the iPhone concept, our apps can send us notifications. This is useful if you’ve had missed calls or want a summary of the day’s news.
However, it is important for your privacy that these messages from apps always remain hidden behind the lock screen and are not visible to the other person. For example, if the phone is lying on the table or even falls into someone else’s hands.
(1) First of all you have to forbid for all messages that the preview of a message (e.g. a phone call) appears when the iPhone is locked.
Settings -> Notifications
Set “Show Previews” to “When unlocked” or “Never”
(2) Now, unfortunately, you have to set your notification settings again for each individual app. Here’s an example for the Signal messenger app:
Settings -> Notifications / Signal
Turn “Allow Notification” on
Turn “Time Sensitive Notifications” on
Under Alerts turn “Lock Screen” off
(7) Turn on Privacy Protection for Email
A feature that protects you from email tracking. Your IP address will be anonymized and remote content (like images or documents) will be loaded safely in the background.
Settings -> Mail / Privacy Protection
Turn on “Protect mail Activity”
(8) Privacy and Security / Some Background
This area has been expanded in the recent iOS updates. News in iOS 15 & 16 are for example the App Privacy Report and the Lockdown Mode.
These improvements are possibly a result of the NSO affair. With the Pegasus spy software, the Israeli company NSO exploited a vulnerability in the iOS message log that allowed iPhones to be infected with a message and their users thus fully monitored. NSO sold this cyber weapon to governments and intelligence agencies worldwide. (Source: TheCitizenLab)
Since 2016, it has been used to wiretap journalists, dissidents and government critics worldwide. Apple first closed this vulnerability in 2021. This type of surveillance also led to the 2018 murder of Jemal Khashoggi by the Saudi Arabian government.
How can you keep tabs on your apps?
Every time you install an app, it asks for permission to access hardware and system services like the microphone, your location, the camera, and more. Since you’ve definitely given too many permissions over time, it’s extremely important to keep an eye on this and reset it every now and then.
(9) Privacy and Security / Location Services
Your location is an important part of your privacy. In my opinion, only the very least apps are allowed to access it. And that should only be the case while you are using the app (e.g. for navigation). The same is true of course for other sensors like something like your microphone, camera or motion sensors.
This means that no matter how much you restrict your apps from accessing location, your iPhone will still give away your location to Apple. Anytime you have location services turned on.
That’s why I recommend you turn location services on only temporarily. You turn them on when you need your location for navigation. After that, you have to turn them off again. OK. Here we go.
Turn on location services and configure your apps
Settings -> Privacy and Security / Location Services
Turn on “Location Services”
Now go through the list of apps that like to access your location. Give apps you use for navigation the right to access your location “When using the app”. All others you set to “Never”.
For system services, I recommend turning off all options including “Find My iPhone” and “Share My Location”.
An example for your app settings using the Apple Navi app “Maps”:
Settings -> Privacy and Security / Location Services / Maps.
Set “Allow Location Access” to “While using the app”.
Now turn off location Services again
Settings -> Privacy and Security / Location Services
Turn off “Location Services”
Confused? What was the point?
If you want to turn on location services for navigation from time to time, you have already configured all your apps for this case. Apple remembers the app settings.
However, since you have disabled location services most of the time, the iPhone will not share your location with Apple during this time.
(10) Privacy and Security / Find My iPhone
This feature allows you to locate, lock or wipe a lost iPhone. If “Find My iPhone” is activated, your iPhone cannot be deleted or reactivated by third parties. It is therefore worthless to thieves if the “Find My” network option is enabled, iPhone can be located even if it is offline or in power saving mode. If your iPhone’s battery is almost empty, it will send its last location to Apple via “Last Location.” You can try this via Apples Find-My Website.
Settings -> Privacy and Security / Location services / Share location
What to do? Should you have your iPhone tracked, or would you rather not share your location?
Apple says they have implemented this functionality as securely as possible and only have anonymized data themselves. Unfortunately, there’s no way to verify that. But you can ask yourself the following questions:
Does the feature help you find a misplaced or lost device? Sure, it does.
Does the function help you to get back a “professionally” stolen device? Surely not.
Is the ability to remotely wipe your data important to you? No. Because you have set the iPhone to erase itself after 10 unsuccessful passcode entries.
Still questions ?😉
In case you want to use your “Find My iPhone” anyway:
If you have enabled the “Find My iPhone” , “Share My Location” and “Last Location” options and then completely disabled Location Services as described, the moment you enable “Lost Mode” (device loss) in iPhone Search, the location disabling will be removed.
(11) Privacy and Security / Tracking
Settings -> Privacy and Security / Tracking
Turn “Allow apps to request tracking” to off
(12) Privacy and security / Additional access rights
After correcting Location Services and Tracking there are 17 more settings in the Privacy & Security section. I cover here only the four most important setting.
Settings -> Privacy & Security / Contacts
Settings -> Privacy and Security / Photos
Settings -> Privacy and Security / Microphone
Settings -> Privacy and Security / Camera
Behind each item you will find a list of apps that want to have access to – e.g. your contacts. Now you have to decide which app should really have access to your contacts. Be sparing with distributing these rights. If you don’t understand something, it’s better to deny an app access to e.g. your contacts.
All other items in the list I would not share with any app for now.
(13) Privacy and Security / Safety Check
With the emergency reset, you can remove all access rights from all apps and people in one fell swoop. A kind of panic button if you have the feeling that something incomprehensible is going on.
Settings -> Privacy and Security / Safety Check / Emergency Reset
Manage Sharing and Access
With iOS16, Apple has added the Safety Check under Privacy. Have you not thought about sharing with others or about access rights for apps? Then you can start here.
Settings -> Privacy and Security / Safety Check / Manage Sharing and Access
(14) Privacy and security / Turn off Analytics and Improvements
Behind this item are 5 settings that you can safely turn off all.
Settings -> Privacy and security / Analytics and Improvement
(15) Privacy and security / Turn off Apple Advertising
Here you can disable personalized advertising
Settings -> Privacy and security / Apple advertising
(16) Privacy and Security / Turn on App Privacy Report
In the app privacy report, app accesses to data or sensors are recorded. You can also see which apps contact which servers or domains. For visited websites you can see very well what network activity your visit triggers.
Settings -> Privacy and Security / App Privacy Report
(17) Privacy and Security / Lockdown Mode
Since iOS16, Apple has introduced a Lockdown Mode to the iPhone. To quote Apple:
Blocking mode is an extreme, optional protection measure that should be applied if you suspect you’ve been hit by a sophisticated cyber attack.
What happens if you activated the Lockdown Mode?
Apps, websites and functions of the iPhone are severely restricted. However, telephony and short messages will continue to work.
Warning: If you enable Lockdown Mode, websites or web ads can easily detect that you have enabled this mode for your protection. Read this short Motherboard article.
Settings -> Privacy and Security / Lockdown Mode