If you haven’t heard, iCloud security is a hot topic these days. From claims that China infiltrated Apple with hidden spy chips (reports that Apple vigorously denies) to last year’s threats from the “Turkish Crime Family” regarding stolen account passwords, it’s understandable if you’re worried about how safe your iCloud data is.
You can learn more about how Apple works on end-to-end encryption that has thus far kept iCloud largely safe from hackers. But there’s plenty you can do on your end to help make iCloud safer and well protected as well. Here are the basic steps you should to increase your iCloud security.
Step 1: Create a strong password
The password you use for iCloud is the same password for your Apple account. Apple requires that this password must be at least eight characters long, use upper and lowercase letters, and have at least one number, but we can do a lot better.
Reset your Apple ID password and make it as strong as possible. That means around 15 characters, both upper and lowercase letters, multiple numbers, and symbols. If you’re worried about remembering a random string of characters, a common tactic is to take a familiar phrase or word and exchange letters for numbers and symbols. However, if you want to invest time in a dedicated password manager, the software can come up with very strong passwords for you. Password managers are becoming increasingly important in today’s digital security environment, so if you don’t use one yet it’s certainly worth considering.
Step 2: Set up your security questions if necessary
If you haven’t visited your Apple ID in a while, you may not have gotten a chance to set up any security questions. These questions work just like the security questions for any thorough online security portal — you set a few specific questions about your life with answers that strangers would never know. Apple will ask these questions when you log into your Apple account or make big changes.
To find your security questions, log into your Apple account with your ID and password, and look for the section that says “Security.” On the right-hand side of the page, select the Edit button to expand the section so you can examine the Security Questions heading. . If you haven’t added any questions, you will see an option to “Add Questions.” If you have set questions up but want to check and refine them, you will see an option to “Change Questions.”
Note: Some people cannot see an option to set up security questions when they log into Apple ID. If you don’t see this option, you can skip this step: This happens when someone sets up two-factor authentication, which overrides the need for security questions and may erase from your account info.
Step 3: Enable two-factor authentication
Apple used to have “two-step verification” but upgraded to “two-factor authentication” which is an effective method of making sure that the real you is accessing your account from one of your real devices. Basically, this authentication sets up a trusted device and/or phone number that Apple will send a verification code to when you try to log in from an unrecognized device.
If you haven’t already done so, turning on two-factor authentication is a simple process. If you have already logged into your Apple account online, you can go to the Security section and look at the section for Two-Factor Authentication, which will take you through the process of setting it up. You can also set up the authentication at any time on your iPhone by going to “Settings, Password & Security,” and enabling “Two-Factor Authentication.”
Again, remember that two-factor authentication will probably cancel out your security questions. We encourage you to set up security questions first so that they (hopefully) remain associated with your account in case support staff needs to verify your identity or something goes wrong with the authentication. However, you are perfectly free to skip right to the two-factor authentication if you want.
Step 4: Always sign out when not using your devices
Finally, always be aware if you are signing into your Apple account on a public device or a device that isn’t yours. This isn’t a very good idea (especially when connected to guest Wi-Fi), but sometimes it may be necessary. Just remember to log back out from your account when you are finished.
In a similar vein, don’t give out your Apple ID or password to anyone if you aren’t sure it’s an official Apple login or representative.