2018 Update: 13 Security Tips to Protect Your iPhone from Hackers

We tend to think of our iPhone getting hacked as a far-fetched scenario, but large tech companies like Apple pay big money to white hat (good guy) hackers to find the bugs and loopholes it can’t see. iPhones can definitely be hacked, even with the ever-increasing layers of security Apple implements to protect our devices. It’s even possible for someone to hack an iPhone remotely via iCloud. While it’s not worth panicking over, it’s good to take precautions and use the security features on our iPhones, and also to exercise caution to not unwittingly allow hackers access to our devices. You can do a lot to secure your iPhone and protect it from possible hackers. The thirteen tips below will ensure you’ve implemented every safeguard possible; here’s how you can protect your iPhone from hackers, both local and remote.

Related: 10 iPhone Security Mistakes You're Making and How to Fix Them

Master your iPhone in one minute a day:

Sign up to iPhone Life's Tip of the Day Newsletter and we'll send you a tip each day to save time and get the most out of your iPhone or iPad.

Don't Let Your iPhone Get Hacked: Never Jailbreak

The number one piece of advice for keeping hackers away from your iPhone is this: never jailbreak your device. Jailbreaking does allow iPhone owners to access apps and software not available in the Apple ecosystem, but it also exposes your phone to viruses and other malware. Also, once you've jailbroken your iPhone you've also voided your warranty, so you won't be able to get help from Apple if something goes wrong with your device.  

Stop iPhone Security Flaws: Update iOS Regularly

Image credit: blackzheep / Shutterstock.com

A lot of iPhone users may be skeptical of this advice and for good reason. Updating your iOS devices to the latest software is the absolute best way to make sure your devices are as protected from hackers as possible. That’s because with each update Apple improves security features and fixes any previously overlooked weak points that might allow hackers access. But the first couple of weeks after an iOS release often reveal problems with the update itself. This is why I highly recommend you update iOS regularly on your phone, but not right away. A week or two is enough time for any major flaws or bugs to become apparent; once an update for the update has been released, it’s past time to update your device. To update your device:

  • Open the Settings app.
  • Select General.
  • Tap Software Update. If an iOS update is available, follow the prompts to download and install.

Keep Your Apple ID Safe from Hackers: Enable Two-Factor Authentication

This is Apple’s latest failsafe for keeping your Apple ID secure. When Two-Factor Authentication is enabled, you have to use a trusted device to log in to a new device. For example, say you got a new iPad. When you go to sign in with your Apple ID for the first time, your other trusted devices like your iPhone will receive a notification asking for approval. If allowed, your iPhone will display a verification code. Once you enter the verification code on your iPad, the device is approved. This feature works so well because anytime someone tries to log in to your Apple ID account, you’ll get a notification and have the ability to approve or deny the attempt. This feature requires iOS 9 or later and has been the default since iOS 11 (although you can still turn it off if you choose). To turn on Two-Factor Authentication:

  • Open the Settings app on your iPhone.
  • Tap your name at the top.
  • Select Password & Security.
  • Tap Two-Factor Authentication.

Keep the Data on Your iPhone Safe: Turn On Find My iPhone

Editorial credit: aradaphotography / Shutterstock.com

This is a no-brainer. When Find My iPhone is turned on, you can see the location of your devices from any of your other devices or any computer via iCloud.com. While it’s not recommended you track down an iPhone that’s fallen into the hands of a thief, Find My iPhone will allow you to find your device if you lose it. However, that’s not why it’s recommended for protecting your device from hackers. The great thing about Find My iPhone is that if your device is stolen, you can remotely erase your device so that none of your personal information can be stolen too. To turn Find My iPhone on:

  • Open the Settings app.
  • Tap your Apple ID at the top and then select iCloud.
  • Scroll down and tap Find My iPhone.
  • Toggle Find My iPhone on.

Keep Your iPhone Safe from Hackers: Switch to a Six-Digit or Longer Passcode

Apple has made six-digit passcodes the default for a while now, but many users prefer to continue using a four-digit code or no code at all. While it may seem like an inconvenience to add two extra digits to your passcode, it’s worth the added security. The possible combinations for four characters versus six is a huge difference. If you're really serious about having a secure passcode, you should consider setting an even longer passcode with both numbers and letters. To do this:

  • Open Settings.
  • Tap Touch ID & Passcode.
  • Select Change Passcode.
  • When choosing a new passcode, select Passcode options and tap Custom Numeric Code, or for even more security, Custom Alphanumeric Code.

iPhone Security: Set Your Phone to Self-Destruct

Not really; but close enough. You can turn on a Setting that will wipe your device clean after ten consecutive failed passcode attempts. I would only turn this setting on if you’re super concerned about some of the information you have on your phone and you have automatic iCloud backups enabled. People with children should be careful too, since ten failed attempts erases everything and you'll need to restore your phone from a backup. But it is a fantastic security measure. To turn on Erase Data:

  • Open Settings.
  • Select Touch ID & Passcode.
  • Scroll down and toggle on Erase Data.

Stay Away from Phishing Scams & Pop-Ups: Be Smart Online, in Messages & When Opening Emails

A big way many hackers will get to your iPhone information remotely is through malware links and scammy emails. A good rule of thumb is to only open things (links, messages, emails) from sources you trust. This means that if you’re browsing on the web, only open a link if you know where it’s going and know that the site it’s on is legitimate. If you receive any messages from unknown numbers, look at the message preview to see if it’s someone you know. If the message is strange, asks for something, or contains a random link or other suspicious text, simply delete it. Same goes for email: if you don’t know who has sent the message, if it's from a contact but contains only a link, or if it’s a newsletter you haven’t signed up for, delete it.

Also be wary of hackers and scammers posing as companies like PayPal and Apple. I’ve gotten fake PayPal emails in the past telling me I’d been locked out of my account and that I need to click somewhere and sign in. It looked completely legit. I clicked on the link, started to enter my info, and happened to look at the URL and see that it was a subtle variation of PayPal and not PayPal itself. Luckily, I caught it in time. Even though I’ve been on the internet since it started, those hackers almost got me. Stay vigilant, my friends.

Hacker Protection: Use an End-to-End Encryption Service

Did you know that it's possible for hackers to spy on your messages and calls, track your location, and even intercept two-factor authentication codes if they know your telephone number? Signaling System Number 7 is part of the global network that connects our cellphones. This set of protocols enables cell phone service providers to send and receive information about calls and texts so they can properly bill their customers, but it comes with a price. Government entities and hackers can exploit SS7 to spy on literally anyone's cell phone as long as they know their phone number, and the target won't know it's happening at all. 

Although it's highly unlikely that anyone would use SS7 to hack your iPhone, it's good to know it's a possibility so you can protect your privacy. Download and use an end-to-end encryption app such as Signal to send and receive calls and messages to keep all your communications private. As an additional security safeguard, you can use a secure Wi-Fi network rather than your carrier to send and receive calls and messages. 

Keep Your iCloud & iTunes Accounts Safe: Change Your Apple ID Password Regularly

Your Apple ID is incredibly important to your iPhone’s overall security. Changing your Apple ID password regularly is the best way to ensure no one accesses it without your permission. I recommend creating a new Apple ID password every six months. If you have two-factor authentication enabled, you can change your Apple ID password right on your device. To do so:

  • Open Settings.
  • Tap your name at the top.
  • Select Password & Security.
  • Tap Change Password.

Hacking Apps for iPhone: Keep Your Device Free From Tracking Apps

There's a set of app developers constantly working to develop hacking apps to sell the public. iPhones don't need to be jailbroken for these to work; although it's much easier to install a spying app on a jailbroken phone, it’s possible to use one on a device with factory settings as well. 

There are some apps that don’t even require installation from the device itself; they work through the cloud. Your iCloud account information is all that's necessary for a hacking app to be installed on your un-jailbroken iPhone. Anyone who has your Apple ID and password can simply sign in to your account and install a hacking app on your iPhone. Once installed, a hacking app tracks phone calls, messages, browser activity, and location, and has access to all the photos, videos, and data on your device. This brings us back to the importance of having a robust Apple ID password that you frequently change, and keep secret. 

Don't Let Your iPhone Get Hacked: Use Secure Wi-Fi & Avoid Logins in Public

Editorial credit: Impact Photography / Shutterstock.com

Public Wi-Fi is one of the easiest ways to get hacked since the network is inherently less secure. For paying bills, logging into accounts, and other private activity, it’s highly recommended you use a closed Wi-Fi network, like the one you have set up at home. A lot of people need to use public Wi-Fi as they do the majority of their work in cafes. If that’s you, consider downloading a Virtual Private Network (VPN), which will create a private security net around your internet activity.

Stop iPhone Data Theft: Only Use Trusted Charging Stations

In the last few years, you may have noticed the charging stations popping up in airports, cafes, and other public places. While these stations are designed to be convenient for our modern lives, they aren't guaranteed to be secure. Lightning cables work for transmitting data as well as charging, so you're opening up all the data on your iPhone every time you plug into a charging station. What's more, once your iPhone has paired via USB to a juice-jacking charging station, your device can be wirelessly accessed at any time without your knowledge, as long as the hacker is within range of your wireless network. The easiest way around this is to keep a small battery pack with you to charge your devices when they’re low. That way, everything is charged at home, and you have extra power on-the-go. You can also buy a data-blocking charging cable to use while out and about, though I haven't been able to find an Apple certified one. If you find one, please link to it in the comments! As a third option; turn on your iPhone's Lock screen and then don't use the phone while it's charging at the public station; this way your data is secured while your device charges.  

Keep Your iPhone Secure: Disable Siri on Lock Screen

Editorial credit: Lacey Williams / Unsplash.com

I hesitated to include disabling Siri on Lock screen. Partially because it’s a feature I use often and therefore wouldn't turn off myself, partially because it’s more of a long-shot that someone would hack in with Siri. However, over the years, there have been instances of someone being able to access private information by using Siri and finding a loophole in the iPhone’s security. Of course, every time one of these loopholes is discovered, Apple fixes it in the next update. But if you’re concerned with someone bypassing your iPhone’s Lock screen, it’s a good final measure to implement.

If you’re more concerned about remote hacking, this is tip won’t matter as much to you. But if you’re worried about someone picking up your phone and finding their way in, turning off Siri on Lock screen is the way to make sure they’ll need your passcode to get in. To disable Siri on Lock screen:

  • Open the Settings app.
  • Select Siri.
  • Toggle off Access When Locked.

Top Image Credit:  REDPIXEL.PL / Shutterstock.com

Master your iPhone in one minute a day: Sign up here to get our FREE Tip of the Day delivered right to your inbox.

Conner Carey is a writer & joyous creator; she works with online businesses to develop their brand and as a creative consultant to help artists of all kinds get unblocked. You can reach her at connercarey.com (coming soon) or @connerleecarey on Instagram. She’s currently garage-selling all of her stuff to hit the road in an RV full-time with her mom, Jan and dog, Jodi. Follow their adventures on instagram @georgiatheRV.