At a Glance
Apple’s current iOS 16 and iPadOS 16 mobile operating systems have introduced new features to your iPhone and iPad, respectively, including several new privacy and security features.
In this article, I’ll be covering the new security and privacy features that are included in the operating systems. For convenience, I’ll simply refer to both operating systems as “iOS 16,” and I’ll make sure to note if a feature is not on both operating systems.
New iOS 16 Security and Privacy Features
Lockdown Mode
Apple introduced Lockdown Mode alongside the release of iOS 16. The feature is an optional, “extreme” level of protection that can block so-called “zero-click” attacks that can hack your iPhone with no interaction on your part. These attacks target vulnerabilities in the iPhone’s apps and features, including web browsing, calling, and messaging.
It should be noted that Lockdown Mode will likely never be needed by the average iPhone user. The protective feature is aimed at iPhone users who could be specifically targeted for surveillance, such as activists, journalists, celebrities, whistle-blowers, and others who could be the targets of hackers, be they independent or nation-state actors.
Lockdown Mode dramatically limits what you can do with your iPhone. Lockdown Mode disables hackers’ favorite access points, greatly reducing your device’s attack surface.
When Lockdown Mode is turned on, several apps and features will function differently. This includes:
- Messages – Blocks most message attachments, while also making links and link previews unavailable.
- FaceTime – Blocks incoming FaceTime calls, unless the call is from a person or contact you’ve already called.
- Web browsing – Blocks certain web technologies, which may cause some websites to load slowly or not at all, images in web pages may be replaced by a missing image icon.
- Apple services – Incoming invitations for Apple services, such as the invitation to control a smart home via the Home app, are blocked unless you have previously invited that person.
- Shared albums – Shared albums are removed from the Photos app and new invitations to share albums are blocked. The shared albums can still be viewed on Apple devices that are not in Lockdown Mode. Shared albums will have to be enabled again, once your device leaves Lockdown Mode.
- Device connections – Your iPhone or iPad must be unlocked to connect to an accessory or another computer.
- Configuration profiles – While in Lockdown Mode, you will be unable to install configuration profiles and the device will be unable to be enrolled in Mobile Device Management.
While the above is disabled, you can still receive phone calls and plain text messages. Also, emergency features, such as SOS emergency calls are unaffected.
How to Enable Lockdown Mode on Your iPhone or iPad
- Open the Settings app.
- Tap “Privacy & Security.”
- Scroll down until you see the “Security” section. Tap “Lockdown Mode.”
- Tap “Turn On Lockdown Mode.”
- On the next screen, you’ll see every feature that is affected by Lockdown Mode. Confirm Lockdown Mode by tapping “Turn On Lockdown Mode” once again (it’s at the bottom of the screen).
- Tap “Turn On & Restart,” then enter your device passcode when prompted.
Safety Check
Also in the settings app is a new “Safety Check” feature that makes it easy for users to quickly reset the access to data and location access that they have granted to other people. Apple says Safety Check is intended for use by those in a possible domestic abuse situation.
To get to Safety Check, open the Settings app and tap on the “Privacy & Security” menu option. On the next screen, scroll down to “Safety Check” and tap it.
Safety Check offers two options, “Emergency Reset” and “Manage Sharing & Access.”
The Safety Check screen has a “Quick Exit” button in the upper right-hand corner of the screen, that will take you immediately to the iPhone’s Home Screen, just in case you believe you’re in danger of getting caught using it. If the Settings icon is tapped again, it takes you to the main Settings screen, not the Safety Check screen.
Emergency Reset
Emergency Reset allows you to protect your iPhone with just a couple of taps of your fingers. Emergency Reset immediately ceases sharing everything with all other people, as well as apps.
The info that this feature immediately stops sharing can include your home data, your location, your photo albums, and more.
Emergency Reset also allows you to remove all emergency contacts and reset your Apple ID and password preventing anyone from logging into your account.
Manage Sharing and Access
For less-than-emergency situations you can use “Manage Sharing and Access”, which walks you through an overview of the information that you’re sharing, viewing what you’re sharing as far as shared albums, location sharing, and other features.
This feature shows exactly who you’re sharing your data with, as well as what data you’re sharing with them. You can then designate people or apps, and then immediately turn off sharing by selecting the “Stop Sharing” option.
You can also control sharing and access for all of the third-party apps you’ve installed by viewing what data they have access to using the provided tools to disable that access (if you wish). This includes data such as Location, Bluetooth, Contacts, and more.
You can also view all of the devices logged into your iCloud account, allowing you to log them out of iCloud. You can also reset your Apple ID and password, as well as deactivate Emergency contacts.
Locked Hidden and Recently Deleted Photo Albums
iOS 16’s Photos app now requires Face ID, Touch ID, or a passcode to open “Hidden” and “Recently Deleted” albums.
Landscape Face ID
On the iPhone 13 and newer iPhone models, iOS 16’s Face ID now works in landscape mode. This allows Face ID to unlock your iPhone, whether you’re holding it in portrait or landscape orientation.
Rapid Security Response
iOS 16 brings the ability for Apple to send out security updates without updating the entire operating system. In previous versions of iOS, security updates came in the form of full operating system updates. However, iOS 16 makes it easy for Apple to send out small security updates, making them quicker to download and update.
Once iOS 16 is installed, your device is set by default to download security updates automatically. You can turn off the automatic updates by going to the Settings app and tapping “General” -> “Software Update” -> “Automatic Updates.”
Pasteboard Permissions
Apps running under iOS 16 are required to request explicit user permission to access the clipboard to copy and/or paste any content. The apps must request permission in the same manner they ask for permission to access your device’s camera, microphone, location, or other sensitive information.
Passkeys
iOS 16 brings a new Passkeys feature, which is intended to replace the use of traditional passwords when signing into an app or website. Passkeys are designed to be more secure than passwords, helping to protect users from malware, phishing, and other types of attacks that are used to gain account access.
The Passkey system uses two keys, a public key stored on the website or app server, and a private key, which is kept on your device. Face ID or Touch ID is then used to authorize the use of the passkey to authenticate the user in the app or website.
Both keys must match to allow a user to log in, and since the device key is only available to the user, it cannot be phished, leaked, or stolen.
Additional security is provided by the system, thanks to the Passkeys’ use of iCloud Keychain, which is also encrypted end-to-end, thanks to its own cryptographic keys.
While passkey synchronization across Apple devices means that even if you lose your iPhone, redundancy means you still have access to the passkeys. Even if you lose all of your Apple devices, you can use an iCloud keychain escrow function to recover the passkey info.
While all of this may sound a bit complicated, it’s really not, and you’ll soon get used to using Touch ID or Face ID to create and use a login passkey.
The Passkey system will not be limited to Apple devices, as Apple is working with Google, Microsoft, and other members of the FIDO Alliance to ensure that passkeys can be used across device platforms. Non-Apple devices will be able to use QR codes to authenticate.
iOS 16 Security and Privacy FAQs
Why should I use Touch ID or Face ID on my iPhone or iPad?
Touch ID and Face ID both allow you to secure your iPhone or iPad by using the two things that only you possess, your fingerprints and your face. With a single glance or touch of the Home button, you can unlock your device, approve the use of passwords, and even log in to apps and websites when used with passkeys.
Why Should I Use a Secure Passcode or Password to Lock My iPhone or iPad?
A secure passcode or password helps prevent anyone from accessing your Apple device when you’re not around. While four or six digital passcodes will prevent the average user (or spouse) from unlocking your device, truly bad actors can likely unlock it in seconds.
However, if you use a lengthy password, it makes it much tougher to unlock your device. A 15-character password can take millions of years to crack, especially if you use numbers, lowercase and uppercase letters and special characters.
Also, a truly secure passcode or password is one that you haven’t used anywhere. You should never reuse a password or passcode, as that makes it easier for bad actors to log in to other apps or websites by simply trying a password they already know from one of your other accounts.
In Closing
iOS 16 and iPadOS 16 bring several security and privacy protections to your iPhone and iPad. By taking advantage of these features you can keep your Apple device more secure, protecting both you and your personal information from the bad actors of the world.