Here are some advanced settings to secure your iPhone.
These are not recommend for the average iPhone user — some of the settings here change big parts of iOS.
These recommendations are adapted from this Reddit post.
- Enable SIM PIN lookup with your carrier’s default pin | “Settings / Cellular / SIM PIN”
- Diable FaceID/TouchID — only use number or alphanumeric passwords | “Settings / Face ID And Password”
- Enable “ten failed password attempts wipes device: | “Settings / Face ID And Password / Very bottom (Erase Data)” (This might also be under Touch ID And Password)
- Disable all lock screen utility | “Settings / Face ID And Password / “ALLOW ACCESS WHEN LOCKED” disable all”
- Hide notifications when device is locked | “Setting / Notifications / Show Previews = (When Unlocked)”
- Disable background app refresh on most apps | “Settings / General / Background App Refresh”
- Enable Find My iPhone | “Settings / Apple ID / Find My iPhone / Find My iPhone (Enable All)”
- Create long secure iCloud password with 2FA
- Disable Bluetooth when not in use
- Disable WiFi autoconnect from settings
- Get a trusted VPN for public networks
- Disable Siri / “Hey Siri” and siri suggestions | “Settings / Siri And Search (Disable All)”
- Disable Raise to listen | “Settings / Messages / Audio Messages”
- Disable Predictive | “Settings / General / Keyboard”
- Disable Dictation | “Settings / General / Keyboard” (Personal Preference)
- Don’t name device after yourself | “Settings / General / About / Name”
- Disable raise to wake | “Settings / Display / Brightness” (Personal Preference)
- Set Auto-Lock to thirty seconds | “Settings / Display And Brightness / Auto-Lock”
- Set location services to only “while using” or off | “Settings / Privacy / Location Services”
- ^ Also under “System Service” disable all under “Product Improvements” “Significant locations”
- ^ “Location-Based Alerts” “Location-Based Apple Ads” and “Location-Based Suggestions”
- Disable everything under “Analytics And Improvements” “Settings / Privacy / Analytics And Improvements”
- Under “Advertising” Enable “Limit Ad Tracking” “Settings / Privacy / Advertising”
- If you plan to do manual backups to a PC, I recommend disabling iCloud backups and any sort of iCloud syncing. | “Settings / Apple ID / iCloud”
- The Fitness tracking collects a lot of information — I recommend disabling | “Settings / Privacy / Motion And Fitness / Set to off”
- Any app that ask for microphone access and doesn’t need it should be turned off | “Settings / Privacy / Microphone / Then change what you want”
- Disable screen time if enabled, unless you use it to block specific apps or to require a password for account changes / password changes | “Settings / Screen Time”
- Disable Siri And Search in Phone “Settings / Phone / Siri And Search (Disable All)”
- I would recommend silencing calls from unknown callers but that’s not the best idea for everyone | “Settings / Phone / Silence Unknown Callers (Off)”
- Disable the default iOS password manager and use something like Bitwarden or a local password manager | “Settings / Password / Accounts / AutoFill Password / Uncheck “iCloud Keychain” and check Bitwarden or your password manager” Also you might want to remove the saved passwords from keychain in the previous page under “Websites And App Passwords”
- Remove apps you don’t use
Settings for the Default Mail App
- Disable the loading of remote images | “Settings / Mail / Load Remote Images”
- Disable Siri And Search | “Settings / Mail Siri / Search / Disable all”
- Change the mail fetch to manual to save battery life and keep background activity low (This will keep mail from automatically updating meaning no notifications) | “Settings / Passwords / Accounts / Fetch New Data / Under Fetch pick manually” I would also turn push off and switch all options to fetch”
Settings That Improve Security On Safari
- Change Safari “Search Engine” to DuckDuckGo| “Settings / Safari / Search Engine (DuckDuckGo)”
- Turn off “Search Engine Suggestions” “Safari Suggestions” and “Preload Top Hit”
- In “Settings / Safari / Advanced / Experimental Features” Enable “Automatic HTTPS Upgrade”