Wonder if lockdown mode would be a viable option to enable when crossing a border?
My thinking is to simply turn the phone off. When it is first powered up it is in before first unlock (BFU) mode, where it is the most secure. A more extreme approach is to back up everything to the cloud and wipe the phone before entering the country, then restore it later. Less convenient but more secure if they take your phone away.
 
Beware of yubikey and iOS. Apple broke the NFC functionality last November and I couldn't get into anything for a few days (iCloud, password manager etc). Total nightmare. They need to be forced if necessary to open up NFC completely and at this point even if they do, I don't trust them. Moved my daily driver to a S24U and then S25U and my 16 PM is backup. I have to be able to rely on my security tech- Apple wasn't up to the task because apparently no one in Cupertino uses physical security keys. Apple blamed yubikey FWIW, though nothing changed on the physical key 🤔😑😒🤬🙄 so ridiculous
Why do you constantly need to use your Yubikey on your own devices? I have two keys (2nd is backup) and the way it works is that once you log in using yubikey on a device then you don't need it anymore on the same authenticated device (iOS, iPadOS, macOS) unless you log out. I have it setup for all my devices for iCloud, Gmail, 1P.. etc and never had NFC fail on me. Even if it does I can use USB-C to authenticate.
 
Having lost my business partner of 25 years recently (who operated company vendor accounts on a locked, encrypted iPhone, or internet services with 2FA enabled to verify via his locked iPhone), another security feature you should list here is Legacy Contact, which allows a designated Contact (preferably a trusted relative or your executor) to unlock your Apple accounts and your devices after your death.
Yes, this should be on the list.

Right now the setting is here:
Settings -> <your name> -> Sign-in & Security then scroll down.
 
Yeah that’s been an issue for me as well. I’m like whole I’m literally home. The same place I always am every night or it’ll be work where I’m at 6 days a week for like 10 hours lmao
What's really baffling about the stolen device protection, is that you can't even check if the phone has the right places saved for you as "home" and "work". When you go into settings, it only shows you the last location it has saved.

They changed this to allegedly prevent stalking, even though this section of settings is behind a face id check.
 
Two factor authentication is amazing however it is a double edged sword.

I had to change my number awhile back due to it being posted on some shady adult websites and had pervs messaging me.

Anyway the number was changed and updated it under email and phone numbers in settings. I didn’t think much of it.



When I got my iPhone 16 pro max, I had deleted my old iPhone and had given it to someone else and I tried to set up the iPhone 16 with my Apple account and I couldn’t bc while I changed the number I had forgotten to update it in the 2 factor authentication as well thus it was still trying to contact my old phone number and I didn’t have any other devices that I could access my iCloud.

So I literally couldn’t access my iCloud for nearly a month. It was a nightmare lol.

So be warned to always make sure it’s up to date.
You should always have contingency plans for your two factor authentication. Two examples that wouldn't require your other devices or your old number: recovery key that you had previously written down or a family/friend you previously added as a recovery contact.
 
What's really baffling about the stolen device protection, is that you can't even check if the phone has the right places saved for you as "home" and "work". When you go into settings, it only shows you the last location it has saved.

They changed this to allegedly prevent stalking, even though this section of settings is behind a face id check.
Oh wow that’s weird. I didn’t know that.

Now see this is the type of criticism I can accept from Apple bc that’s baffling
 
You should always have contingency plans for your two factor authentication. Two examples that wouldn't require your other devices or your old number: recovery key that you had previously written down or a family/friend you previously added as a recovery contact.
lol well I know that now haha. I normally still have access to my old iPhone when switching to a new one but I had already factory reset and sold the older one so I was screwed for a bit.
 
One unintended annoyance with Private Relay is that if your home network has any form of DNS based ad-blocking enabled on your router or firewall it’s likely that your browsing experience will now include ads once you’ve activated it.
 
Lots of missing info in this article. No list of ADP supported devices and such.

Anyway, the first thing I would do is change the passcode to a password, before any of these mundane settings.
 
I have never understood Apple’s 2FA. If I open Safari on my Mac and connect to my iCloud account - I get the verification code in a popup ON MY MAC! Why is this safe?
 
I have never understood Apple’s 2FA. If I open Safari on my Mac and connect to my iCloud account - I get the verification code in a popup ON MY MAC! Why is this safe?
It does make sense when you think about it. You already proved that you have control over the Mac by linking your Apple Account to it. The logged in device is like a second factor in this case.

This is also the reason why it's important to keep track of the devices that you have linked to your account and be careful with whom you share your account passwords/passcodes.
 
You should always have contingency plans for your two factor authentication. Two examples that wouldn't require your other devices or your old number: recovery key that you had previously written down or a family/friend you previously added as a recovery contact.
It's a good idea to carefully go through the recovery options at least once. If you keep your contact details current, you should not have any problems. There are many ways to get into an Apple Account, even when you forget your password. Maybe even too many if you ask me.
 
It’s all littered with unnecessary security crap. When I want to sync new music to my iPhone I plug in the cable. Each time the freaking Mac tells me I need to approve this on my iPhone. So, tap trust computer, and sure enough, the crap phone asks me for my password. Every freaking time. Bloody useless design.
 
I think it's a little ridiculous that the article says "If you don't already have these enabled, you might want to consider turning some of them on." and then lists Two-Factor Authentication first.

At this point, if you don't have Two-Factor Authentication enabled, it's because you have done your absolute best to avoid those sneaky persistent attempts by Apple to get you to enable it via endless prompts and changing notifications.

I truly think you'd be surprised at how many people I have come across without it on!
 
The one security feature I want Apple to implement on iOS is a firewall. It's so easy, it's set and forget. 24/7 protection from rogue app hosing your data plan, spyware phoning home, annoying ads.😘 Oh right, that's why Apple--or Google--will never implement a firewall on their mobile OS. They don't want to lose that sweet, sweet advertising money.🤑🤑🤑
 
My thinking is to simply turn the phone off. When it is first powered up it is in before first unlock (BFU) mode, where it is the most secure. A more extreme approach is to back up everything to the cloud and wipe the phone before entering the country, then restore it later. Less convenient but more secure if they take your phone away.
Agree..if in a hurry, I believe 5 quick presses of the power button does the same thing

Don't think hard reset is a viable option (for me)
 
Wipe the phone, stick on it a ‘burner’ email account and populate it with email you need. Same with sms etc but leave messages disabled. Once you are over the border, factory default and restore your main iCloud account. Or just take a burner phone with you when you travel.
How do you login and restore after crossing the border if you have 2-factor enabled?
 
You can manage two-factor authentication by going to Settings > Sign-In and Security.
Wrong on 2 counts:

First, it's not "Settings > Sign in & Security", it's Settings > Apple ID, iCloud, Media & Purchases > Sign in & Security

Second, it's impossible to "manage" two-factor authentication. You can only turn it ON, you can never turn it OFF. So it can't be "managed".
 
It does make sense when you think about it. You already proved that you have control over the Mac by linking your Apple Account to it. The logged in device is like a second factor in this case.

This is also the reason why it's important to keep track of the devices that you have linked to your account and be careful with whom you share your account passwords/passcodes.
No, sorry - it didn’t make sense at all. Correctly implemented 2FA should be true two factors so the device I’m trying to login on should never receive the code!
 
No, sorry - it didn’t make sense at all. Correctly implemented 2FA should be true two factors so the device I’m trying to login on should never receive the code!
I'll admit, I was also surprised the first time this happened on my Mac.

The issue is, how should Apple's servers know, from which exact device you're trying to sign in?

Safari is heavily sandboxed and mostly behaves like any other browser. There are no APIs that would give websites the identity of your Mac even before authentication. It is very easy to see how such an API could be easily abused.

You could of course use PassKeys for your login. In this case, there would likely be no pop-up and no need to provide a 2FA code.
 
Two factor authentication is amazing however it is a double edged sword.

I had to change my number awhile back due to it being posted on some shady adult websites and had pervs messaging me.

Anyway the number was changed and updated it under email and phone numbers in settings. I didn’t think much of it.



When I got my iPhone 16 pro max, I had deleted my old iPhone and had given it to someone else and I tried to set up the iPhone 16 with my Apple account and I couldn’t bc while I changed the number I had forgotten to update it in the 2 factor authentication as well thus it was still trying to contact my old phone number and I didn’t have any other devices that I could access my iCloud.

So I literally couldn’t access my iCloud for nearly a month. It was a nightmare lol.

So be warned to always make sure it’s up to date.


How did you finally gain access???
 
Additional security methods I strongly recommend and apply on each iPhone in the family:

- don't use a digit pin for unlocking. Use a strong passphrase
- against someone snapping your phone (android has a motion detection)
— add a shortcut to lock the screen and enable mobile data again if someone (thief) activates airplane mode
— lock the screen if any bluetooth disconnects (airpods, car)
— face id lock apps such as whatsapp or mail, so that a thief cannot access it
- disable face id with mask
- disallow default control center access when screen is locked

Unfortunately, some default “design” decisions on the iphone are simply insecure and so simple that it almost seems intentional :(

Could you go into detail on your third point about the shortcut for Lock Screen and the one about Bluetooth disconnecting? TIA
 