Some of the most important iPhone privacy settings are also the most buried — and they’re absolutely worth your while to uncover and put into action.
You might not know it from all the panic-inducing headlines out there, but iPhone is actually packed with practical and powerful privacy options. Some are activated by default and protecting you whether you realize it or not, while others are more out of the way but equally deserving of your attention.
Ready? Ready. Let’s do this:
iPhone setting No. 1: Use a passcode
First step: set up a passcode. Do not walk around with an iPhone that anyone can swipe to open. Protect your iPhone with a passcode — preferably a six-digit passcode or a custom numeric or alphanumeric code. With either Touch ID or Face ID, you won’t need to enter your passcode unless your finger is wet or you are bundled up to a degree that your face is obscured. You can set up a passcode by going to Settings > Touch ID & Passcode or Settings > Face ID & Passcode and enroll your fingerprint or face. Make sure iPhone Unlock is toggled on after you set up your passcode.
If you have a phone that supports Face ID, make sure the Require Attention for Face ID option is enabled so that your phone can’t be unlocked when your eyes are closed. If you choose a PIN, make the PIN a more complex alphanumeric code so that it’s harder to guess. To do so, tap Change Passcode, enter your passcode, and then tap Passcode Options.
iPhone setting No. 2: Change what’s accessible on your lock screen
If someone else ever gets their sweaty paws on your iPhone, you don’t want ’em to be able to access any of your personal and/or company information — right?
Well, take note: iPhone typically shows notifications on your lock screen by default — which means the contents of emails or other messages you receive might be visible to anyone who looks at your device, even if they can’t unlock it.
If you tend to get sensitive messages or just want to step up your security and privacy game, you can restrict how much notification info is shown on your lock screen by going to Settings > Notifications > Show Previews and pick either When Unlocked or Never. Always will, as the name implies, always show the content of your notifications even when your phone is locked.
iPhone setting No. 3: Limit activities on your locked iPhone
Here’s arguably the most important part of completely securing your iPhone. Go to Settings > Face ID/Touch ID & Passcode > enter your passcode and then scroll down to the section labeled Allow Access When Locked.
There you’ll find a list of different device features, ranging from things like Siri and Today View to Control Center and Wallet. Every feature with the switch in the on position can be accessed directly from the lock screen, even when your device is locked.
For instance, I was able to pick up my wife’s phone, hold in the side button to trigger Siri and tell it to send a message or make a call. I could also swipe to the right across the lock screen to view her Today View page, where she has widgets that included her day’s agenda and other personal information — all while the phone was locked.
Go through this list and turn off any features you don’t want anyone to have access to. I suggest turning off all of them if you really want to keep your phone and its information locked down. Leaving something like Home Control turned on may seem innocent, but depending on how many and the types of HomeKit devices you have, someone could control your smart home. Thankfully, Apple requires authentication before you can unlock a door or open a garage door.
iPhone setting No. 4: Enable data protection
This should be something you only do if you regularly back up your iPhone and can get your information back without any issues.
Go to Settings > Face ID/Touch ID & Passcode > enter your passcode and then scroll the very bottom of the page. Slide the switch next to Erase Data to the on position.
With Erase Data turned on, your device will automatically factory reset itself after someone incorrectly enters a passcode 10 times.
The process isn’t something that takes place in just a few minutes. After a few incorrect attempts, your phone will set a time limit before someone can retry to enter your passcode again. After another failed attempt, the time between attempts will be extended. For someone to reach the 10 failed attempt mark would take 1 hour and 36 minutes before the erase feature would be triggered.
iPhone setting No. 6: Enable two-factor authentication
Two-factor authentication adds a second layer of security to your Apple account, in this case requiring a one-time-use code alongside your password for you to log in from an unfamiliar device. After you set it up, even if someone has your password, they shouldn’t be able to access your account without also having your phone or computer. For example, if you have an iPhone and you sign in to a new Mac for the first time, it will prompt you to enter a verification code that pops up on your phone. If you buy a new iPhone and don’t have another Apple device, you’ll receive a text message with the code. If you haven’t set up two-factor authentication for your Apple ID, you should.
To enable it from your phone, head to Settings > [Your name] > Password & Security, and then tap Turn on two-factor authentication.
iPhone setting No. 6: Enable FindMy
Whether you’ve simply misplaced your iPhone around the house or office or you’ve actually lost it out in the wild, always remember that iOS has its own built-in mechanism for finding, ringing, locking, and even erasing a device from afar.
The iPhone Find My feature should be enabled by default. You can make sure by heading
Audit app permissions
A screenshot of the Privacy menu on iOS.
Why: Every time you install an app, it asks for permissions to access hardware and system services such as the microphone, your location, the camera, and more, but mindlessly tapping through these notifications is all too easy, and you could miss some indicators of problematic app behavior. For example, some apps that don’t need location data to function still record that data so that they can sell it—alongside other information they collect about you—to marketing firms.
Open Settings & Security > Privacy and scroll through each of the various privacy controls. (Alternatively, you can open Settings and scroll to the bottom for a list of apps and then go through it that way. And a future update will add a new dashboard, called the App Privacy Report, that provides more details.) Accessing Location Services ranks among the most overreaching requests that apps make, so it’s worthwhile to make sure that Location Services on most apps is set to Never or While Using. For any app that doesn’t require your exact location but can function with an approximate location, such as a weather app, disable Precise Location. Very few apps are enhanced by knowing your location, so that’s often data they collect just to bundle up and sell to advertising companies. The same goes for Bluetooth: For years, retail stores have quietly used Bluetooth to track your location when you’re shopping.