5 Steps to Protect Your iCloud Apple ID

March 28th, 2017
5 Steps to Protect Your iCloud Apple ID

With the story this week of hackers threatening to wipe millions of Apple devices it's always good to review your security practices here we look at how to Protect your iCloud Apple ID .

Here's 5 ways to protect protect your iCloud Apple ID :

1 - Enable 2 Factor Authentication

Two-factor authentication is an extra layer of security for your iCloud Apple ID, designed to ensure that you're the only person who can access your account, even if someone knows your password.

When you attempt to log in to your iCloud account from a computer you haven't logged in from before (or a hacker attempts to) you will be sent a notification on your other devices such as iPad or iPhone to say that someone is attempting to log in, if its you; you approve the login and are presented with a code, which you then enter in to the device you have attempted to log in to.

 Protect Your iCloud Apple ID with 2 factor authentication

For more information on how to enable this feature visit this Apple article

2 - Use a Secure Password

Be unique! Use different, unique passwords for each site. (Password managers such as LastPass make this much easier) Then if a data breach happens with one site only you're account on that site is the effected.

Never Biographical If data can be found out about (your dogs name from social media for instance) and that data is used in your password then it compromises that password.

Go Long! The best passwords are over 16 characters long, the longer your password, the harder it is to crack. Tell a story to make it easier to remember IOwnEveryNKOTBAlbum! (That's not biographical!)

Use mixed case, numbers and symbols. Though there is a big debate on the effects of the complexity of passwords vs length, its a requirement of a lot of websites to have a mix.


3 - Never Jailbreak

Apple restrict their devices to their own software and approved apps, Jail-breaking your device allows you to install your own apps, customize the interface and generally have a more open device similar to Android. This can cause several issues, by jail breaking your device you are often not able to install Apple iOS updates as it will break the software until the jailbreak is updated, this leads to security flaws in the software being left open and unpatched. Secondly, though the flexibility of being able to install your own apps and operating system features is great on the surface, you don't know where those apps are being distributed from, they haven't been through Apples stringent testing procedure and they could contain viruses that can access your data. Its often the biggest complaint of Apple devices, but their restriction on what can be installed is one of their best security features.

4 - Reset your iCloud browser access

Two factor authentication will only ask on non trusted browers, basically that means browsers on computers which you've access the service on before. If you think you may have logged in from a non secure location, such as a hotel, you can reset your known browsers. To do this login to https://www.icloud.com/ > click the settings icon > scroll down to the bottom and choose sign out of all browsers.

icloud reset browser security screenshot

You will need to log back in using your iCloud Apple ID next time you sign in and verify using two factor if you've enabled it.

5 - Use a pass-code

An obvious one but always use a pass-code also known as a pin on your phone, a pass-code is the first line of defense if you loose your device. We only need to look at the FBI story in 2016 where they couldn't access a phone without the owners pass-code.

Finally check your logged in devices regularly, within your iCloud settings you can manage devices which are logged in with your account.

iCloud Apple ID devices

If you don't recognise any of the devices, remove it from your account by clicking on the device > then click the blue X next to the device within the list. That device will then need to reconnect to your iCloud account via a secure login.

As always if you'd like advice on any area of cyber security, don't hestitate to get in touch with Steve or any of the team at ATG who will be more than happy to help.