iOS 11 Security Settings

  • Home
  • /
  • iOS 11 Security Settings

Settings may vary slightly depending on the model of iPhone, iPad or iPod iOS 11 is installed on.

Apple ID, iCloud, iTunes and App Store
Password & Security: enable two-step verification.
iCloud: I turn EVERYTHING off here, except Find my iPhone / iPad. The reason it is important to keep this one feature is because Activation Lock is built into Find My iPhone / iPad using iCloud. What this means is, if your iOS device is lost or stolen, no matter if the phone is reset, wiped, jalibroken, whatever, that device can’t be used for anything unless it is accessed with the iTunes username and password it was set up with. A terrific feature to potentially deter some theft. If you do not have Find My iPhone / iPad turned on, then this feature disappears and acts like the previous iOS firmware – you can wipe the device and use it as if you bought it yourself. Next, pay special attention to Keychain – turn it off. It is a feature that allows passwords and credit cards to be store in iCloud so they can sync across all your devices. It is stated that, “Your information is encrypted and cannot be read by Apple”. Never put this kind of information into the cloud. You are risking a lot by doing so. Of course, there was the famous iCloud incident with nude celebrity photos being stolen. Look Me Up By Email shouldn’t have anything in it, but if it does, check what it is. Share My location is turned off.

Settings / Wi-Fi
If you connect often to public networks, it’s a good idea to remove those from your Wi-Fi list. You can do this by tapping the “i” icon next to the network you connected to. On the next screen, tap “Forget This Network” and then “Forget” when the pop up displays. This will keep your list clean and will reduce any chance one public Wi-Fi access point shares the same name, as hackers can spoof popular Wi-Fi names, thereby potentially allowing for your device to connect to them when you don’t know it. Also, starting with iOS 11, in Control Center, tapping the WiFi icon only disconnects you from the current network. It DOES NOT turn WiFi off like it did in iOS 10. So you will have to go here to completely turn off WiFi.

Settings / Bluetooth
Turn this off when not in use. It has been proven that always on bluetooth can be manipulated. Also, starting with iOS 11, in Control Center, tapping the bluetooth icon only disconnects you from the connected devices. It DOES NOT turn bluetooth off like it did in iOS 10. So you will have to go here to completely turn off bluetooth.

Settings / VPN
If you are on public WiFi and / or are performing some sensitive interactions on your device, getting a VPN service installed on the device is a best practice.

Settings / General / About / Certificate Trust Settings
There isn’t anything that you can do here, but you will see a very long number which according to the link below the number, this number is used for establishing trusted root certificates that is used by other certificates signed by the trusted roots. Confusing huh?

Settings / General / Airdrop
Unfortunately, this is now where you have to turn Receiving Off for Airdrop instead of in the Control Center of iOS 10.

Settings / General / Handoff
I turn this off as it requires an iCloud account to be active to use it. A really cool feature, but due to the insecurity of iCloud, I don’t trust it.

Settings / General / iPhone or iPad Storage
I keep iCloud Photo Library unabled.

Settings / General / Reset / Erase All Content and Settings
Use this when it is time to give / sell your iOS device to someone else. It is the most secure way by default to protect your data.

Settings / Siri & Search
I turn off Listen for “Hey Siri”, Press Home for Siri, Suggestions in Search and Suggestions in Look Up.

Settings / Touch ID & Passcode
This should be self explanatory by having it on. On an iPhone 6 / 6+ or newer, use Touch ID for iPhone Unlock, Apple Pay, iTunes & App Store. For fingerprints, I recommend only one because more than one makes it that much easier for someone to get into your device. I require passcode immediately. I turned off Today View, Recent Notifications, Control Center, Siri (you will not see this option if you turn off Siri in General settings), Home Control and Returned Missed Calls. Finally, I turned on Erase Data so that after 10 failed passcode attempts, all my data is erased.

Settings / Privacy / Location Services
The first one I turn off is the Camera app as I don’t want geotagging capabilities attached to any pictures I take. There are a lot of other apps listed here you will need to check individually and ask yourself if location services really need to be turned on for that particular app.

Settings / Privacy / Location Services / Share My Location
I don’t think I need to explain why this should be turned off, but this feature allows you to share your location with family and friends in Messages and Find My Friends.

Settings / Privacy / Location Services / System Services
I turn off HomeKit, Location-Based Alerts, Location-Based Apple Ads, Location Based Suggestions, Motion Calibration & Distance, Share My Location, Wi-Fi Networking, Significant Locations, iPhone Analytics, Popular Near Me. I turn on Status Bar Icon so that I can see when a service is requesting my location.

Settings / Privacy / Microphone
This feature is turned off because I don’t need to use voice searching, but more importantly, I don’t need my voice added to Siri’s servers or used by a hacker to listen in on my conversations.

Settings / Privacy / Analytics
Nothing is enabled.

Settings / Privacy / Advertising
I turned on Limit Ad Tracking. I also click Reset Advertising Identifier quite often so that my identifier changes, forcing ads to not be targeted (read the About Advertising & Privacy link below it).

Settings / Wallet & Apple Pay
This feature is only for iPhone 6/6+ and newer for Apple Pay. I use Apple Pay so all of the information in this section is entered, but I turn off Double-Click Home Button to remove the ability to see information on the lock screen.

Settings / Accounts & Passwords
Nothing is enabled.

Settings / Phone / Sim Pin
I turned this feature on so that if my iPhone is stolen, the information on the SIM card can’t be accessed without a PIN number.

Settings / Messages
Under Message History, there is a setting for Keep Messages. If you are wanting to add some security to your texts (native texts), you can select the amount of time the texts reside on your device. Under Audio Messages, you can select how long before those expire.

Settings / Safari / Autofill
Nothing is enabled.

Settings / Safari / Frequently Visited Sites
Disabled.

Settings / Safari / Block Pop-ups
Enabled.

Settings / Safari / Prevent Cross-Site Tracking
Enabled.

Settings / Safari / Block All Cookies
Disabled.

Settings / Safari / Ask Websites Not To Track Me
Enabled.

Settings / Safari / Fraudulent Website Warning
Enabled.

Settings / Safari / Camera & Microphone Access
Disabled.

Settings / Safari / Check for Apple Pay
This allows websites to check if Apple Pay is set up. This is definitely disabled.

Settings / Safari / Clear History and Website Data
I do this from time to time.

Settings / Safari / Advanced / Website Data
I frequently tap Remove All Website Data for obvious reasons.

Settings / Photos
Nothing is enabled.