Before submitting your phone to Fort Knox, we’ll explain each option so you can decide if you need these features.
Security Key: Don’t Lose Your Dongle
By now you should have seen how important it is to enable two-factor authentication for all your sensitive accounts (if you don’t know how to do that, start here). This extra layer of security is added to your password and means you get a code (via an app or text message) that you enter to verify your identity.
Physical security keys are the next level and replace security codes. These are usually small dongles that look like thumb drives and connect to devices through ports either via Near Field Communication (known as NFC) or by displaying manually entered codes. To do. If you have this key, the other party can confirm that you are who you claim to be.
Reason for existence: There are certain hacks that can be used to steal text-based two-factor authentication codes and break into accounts. Security keys reduce the risk of someone breaking into your account by relying on your physical device for the second form of verification.
How to turn it on: First, purchase two security keys. Apple supports his FIDO certified keys, and the best known manufacturer is Yubico, which sells options that can be plugged into the iPhone’s Lightning port. To pair them with your phone, make sure they are running iOS 16.3, then[設定]→[アカウント](Your name will be displayed at the top of the screen) →[パスワードとセキュリティ]→[セキュリティ キーを追加]and follow the prompts.
Target audience: For most iPhone users, no security key is required. These are typically used by people who are considered at high risk for targeted attacks, such as those trying to break into social media or cloud her accounts. Apple specifically lists celebrities, journalists, and public officials as target audiences.
Cooper Quintin, senior public interest technologist at the Digital Rights Group, said many unnamed people are at risk of being targeted by these types of attacks. Electronic Frontier Foundation. Examples include who has access to important information. They include leaders and system administrators of large corporations, activists in countries with weak free speech and media protections, and those concerned about stalkers and abusive partners.
Many private people also find keys easier to use than bulk text codes.
However, he said one of the reasons he does not switch to physical security keys is that he cannot switch to physical security keys because keys are something that needs to be tracked and can be lost. increase. account. (That’s why Apple requires him to have two keys and tells him to keep them in separate places in case one is lost or stolen.)
“If you have it, great. . “For the average user, it’s totally unnecessary. If you’re Joe Biden or Taylor Swift, you should probably do these things.”
Advanced Data Protection: Better Encryption
With this new feature, more types of data are end-to-end encrypted by Apple. This means that when data is stored in iCloud, Apple itself cannot access it in the event of a data breach, or even if requested by the government or the government. user. Advanced Data Protection was released in the US last year, but now his iOS update makes it available to everyone around the world. Some types of data, such as health data, are already end-to-end encrypted, but this feature adds device backups, message backups, iCloud Drive, notes, and photos. (Mail and Contacts app data is not included.)
Reason for existence: In the event of a cloud breach, criminals lose access to the majority of data stored there. They also hand over iCloud data such as backups of Messages conversations when requested by governments or law enforcement agencies. It also prevents Apple from being forced to do so. While Security Keys protect you from targeted attacks, Advanced Data Protection is a defense against large-scale breaches.
How to turn it on: Make sure you’re running iOS 16.3, then[設定]→[あなたのアカウント](Your name will be displayed at the top of the screen) →[iCloud]→[高度なデータ保護]Go to. Set up account recovery here. You can add recovery contacts (such as family members) to get a 28-character recovery key. These will help you access your account if something happens.Then go back and tap to enable advanced data protection.
Target audience: Anyone can safely turn this feature on, but be prepared for increased responsibility. If you lose access to your device and recovery options, Apple will lose access to your data. However, there is no day-to-day difference that you will notice as an iPhone user.
“Advanced Data Protection is definitely worth enabling,” says EFF’s Quintin. “Apple has done a very good job of creating multiple ways to recover your account so you don’t lose access to your data.”
Lockdown mode: not for everyone
Apple recently added an option called Lockdown Mode, especially for the most high-risk and high-profile iPhone users. It restricts various apps and features to minimize the chances of an outside attacker compromising your device, especially through vulnerabilities not yet discovered by his Apple itself. This setting comes with significant trade-offs, so don’t use it unless you have good reason to be concerned about targeted attacks or device security. For example, it blocks attachments in many messages and some websites may not work.
What Everyone Should Do to Stay Safe
Enabling advanced data protection or using security keys are good options to consider based on your level of risk.However, there are some more important security steps Everyone should take
- Update your software: Unknown software vulnerabilities can be exploited by criminals. Update your phone and computer operating systems as soon as new releases are released, and turn on automatic updates for all the applications you use.
- Use strong passwords: Use long, unique and strong passwords for all accounts, including Apple and Google, all social media, and anything related to finance. Remembering the best passwords can be impossible, so consider using a password manager like 1Password or Dashlane.
- Enable two-factor authentication: Turn it on for anything you allow, such as your phone, your Facebook profile, your bank account, or your Google Docs account where you write down your hopes and dreams.