Mobile Devices: Settings
Please note that your threat model, life circumstances, and personal safety are top priority. These recommendedations are a general “one-size-fits-most” solution to mass data collection. Your situation may require enabling or disabling settings, features, and apps contrary to what we recommend to ensure your own safety or that of your loved ones. Always prioritize your safety and consider what your threat model requires. See my criteria for this page here.
iOS 18
- Apple Account (Your name at the top of the settings) > Sign-In & Security > Two-Factor Authentication: On (Security Keys recommended if you plan to use iCloud or other Apple products tied to your Apple account)
- Apple Account > iCloud > Saved to iCloud: Disable everything (Be sure to delete the data from iCloud first) (Note: if you are interested in using iCloud, see here)
- Apple Account > iCloud > iCloud Backup: Off (See my backup recommendations here)
- Apple Account > iCloud > Advanced Data Protection: See here
- Apple Account > Find My > Find My iPhone > Find My iPhone: Enabled (required for Stolen Device Protection)
- Apple Account > Media & Purchases > View Account > Personalized Recommendations: Off
- Apple Account > [Your iPhone Name] > Find my iPhone: Find My Network: Off
- Apple Account > [Your iPhone Name] > Find my iPhone: Send Last Location: Off
- Apple Account > [Your iPhone Name] > iCloud Backup: Off
- Apple Account > Contact Key Verification: Enabled
- Wi-Fi > Edit (top right corner) > Remove networks you no longer regularly connect to
- Wi-Fi > [Your network] > Private Wi-Fi Address: Rotating
- Wi-Fi > [Your network] > Limit IP Address Tracking: On
- Wi-Fi > Wi-Fi should be disabled when you are not actively connected to a network.
- Wi-Fi > Auto-Join Hotspot: Never
- Bluetooth: Off unless needed.
- Cellular > SIM PIN > Create a custom PIN
- Cellular: Disable Cellular Data for any apps you don’t need 24/7 access to.
- Cellular: Wi-Fi Assist: Off
- General > Software Update > Automatic Updates: All on
- General > AirDrop > Receiving Off (Adjust only when using it, otherwise leave it off)
- General > AirPlay & Continuity > Automatically AirPlay: Never or Ask
- General > Autofill & Passwords > Autofill from: Your password manager of choice
- General > Keyboards > Enable Dictation: Off
- Display & Brightness > Auto-Lock > Shortest option you can reasonably put up with. Do not set it to leave the screen turned on.
- Search > Show Recent Searches: Off
- Search > Improve Search: Off
- Siri > Talk to Siri: Off
- Siri > Siri & Dictation History: Delete Siri & Dictation History
- Siri > Suggestions: Disable all
- Siri > Siri App Access: Disable all
- Wallpaper: Set your lock screen to something that doesn’t reveal sensitive personal information (eg, no family photos, etc)
- Notifications > Show Previews: Never
- Notifications > Screen Sharing: Notifications Off
- Notifications > Siri Suggestions > Allow Notifications: Off
- Notifications > Notification Style: Disable notifications for apps that you don’t need instant notifications from
- Touch/Face ID & Passcode > Stolen Device Protection: Enable
- Touch/Face ID & Passcode > Turn Passcode On: Try to set an alpha-numeric password if possible, otherwise use a six-digit PIN. A fingerprint is also acceptable if your device allows it (coupled with a strong password or PIN). Face ID should be avoided.
- Touch/Face ID & Passcode > Require Passcode: Immediately
- Touch/Face ID & Passcode > Allow Access When Locked: the fewer the better
- Touch/Face ID & Passcode > Erase Data: Enabled (Beware of this setting, make sure you understand it)
- Privacy & Security > Location Services: Disable for everything that doesn’t need it, and set those to “While Using”
- Privacy & Security > Location Services > System Services: Disable all except Find My iPhone (needed for Stolen Device Protection)
- Privacy & Security > Tracking > Allow Apps to Request to Track: Off
- Privacy & Security: Review all the other app settings and make sure apps only have access to the settings they actually need. Otherwise, disable them. Disable as many as you can without breaking the app functionality.
- Privacy & Security > Safety Check: This is a good tool if you’re not using a brand-new Apple ID. It will show you any files you are sharing, any other devices you are logged into, etc and allow you to remotely disable them.
- Privacy & Security > Analytics & Improvements: Disable everything
- Privacy & Security > Apple Advertising > Personalized Ads: Off
- Privacy & Security > Stolen Device Protection > Stolen Device Protection: Enable
- Privacy & Security > Lockdown Mode: On (This will disable a significant number of features, however if you are able to live without them, it will help protect other users who need this feature from being easily identified.)
- App Store > App Updates: On
- App Store > Personalized Recommendations: Clear App Usage Data
- Game Center: Disable
- Apps > Health Data > Medical ID: I encourage you to set this up in case of emergency. Saving a life should always be prioritized over privacy.
- Apps > Messages > Notifications: Off (if you plan to use Voice-over-IP)
- Apps > Messages > Keep Messages: 30 Days
- Apps > Messages > Filter Unknown Senders: Enabled
- Apps > Phone > Notifications: Off (if you plan to use Voice-over-IP)
- Apps > Phone > Silence unknown callers: On (This is, like everything, user discretion, but for most people this will dramatically reduce the number of spam calls. If you use your SIM number instead of VoIP, be sure to enter any important phone numbers such as a child’s school or coworkers into your contacts so you still get their calls.)
- Apps > Photos > iCloud Photos: Off
- Apps > Maps > Ratings and Photos: Off
- Apps > Maps > Show Ratings and Photos Suggestions: Off
- Apps > Maps > Allow Photo Providers to Use Your Photos: Disabled
- Apps > Maps > Ride Booking: Examine to ensure you’re not sharing data with apps when you don’t want to
- Apps > Photos > Enhanced Visual Search: Off
- Apps > Safari > See Privacy Guides’ Safari page if you plan to use Safari
- Apps > Translate: On-Device Mode: On
- Now scroll back up to Screen Time > Improve Communications Safety: Off
- Screen time > Content & Privacy Restrictions: Enable
- Screen Time > Content & Privacy Restrictions > Allowed Apps: Disable everything you do not intend to use.
- Screen Time > Content & Privacy Restrictions > Privacy & Allowed Changes: Set all to “Don’t Allow Changes.” This will prevent changes from being made on your behalf next time you update.
- Any settings not covered are personal preference and are unlikely to cause any privacy or security issues no matter how you set them.
Android 14
NOTE: Due to the nature of Android devices, the exact layout of the menu may vary from device to device.
- Network & Internet: Internet: Carrier settings: Allow 2G: Disabled
- Network & Internet: Internet: Carrier settings: Require encryption: Enabled
- Network & Internet: Internet: Saved Networks: Remove old networks you no longer use
- Network & internet: Private DNS: Private DNS provider hostname: Automatic or Any provider from this list (You can ignore this if you plan to use a VPN on your device)
- Connected devices: Connection preferences: Bluetooth: Disabled when not in use
- Connected devices: Connection preferences: Printing: Default Print Service: Use Print Service: Disabled when not in use
- Connected devices: Connection preferences: Quick Share: Off when not in use
- Apps: All apps: Uninstall or disable any apps you don’t use
- Apps: Default apps: See Securing Mobile: Replacement Apps
- Notifications: Notification history: Disabled
- Notifications: Device & app notifications: Review settings
- Notifications: Notifications on lock screen: “Don’t show any notifications”
- Notifications: Enhanced notifications: Disabled
- Display: Lock screen: Privacy: Don’t show notifications at all
- Display: Screen timeout: Shortest duration you are comfortable with
- Wallpaper & style: Set your lock screen to something generic and non-personal (no family photos, etc)
- Accessibility: Text-to-speech output: Preferred engine settings: Anonymous usage reports: Off
- Security & Privacy: Device Unlock: Screen lock: Strong password preferred, followed by PIN, then Pattern.
- Security & Privacy: Device Unlock: Screen lock settings: Enhanced PIN privacy: Enabled
- Security & Privacy: Device Unlock: Screen lock settings: Lock after screen timeout: Shortest duration you are comfortable with
- Security & Privacy: Device Unlock: Face & Fingerptint Unlock: Acceptable coupled with a strong password or PIN
- Security & Privacy: Privacy: Permission manager: Check each app for any unncessary permissions and revoke them.
- Security: More security & privacy: Usage & diagnostics: Disabled
- Security: More security & privacy: Extend Unlock: Disabled
- Security: More security & privacy: Device admin apps: Find my device: Enabled (only if you enable “Find My Device” in the “Securty & Privacy” settings)
- Security: More security settings: SIM lock: Enable (contact your provider for the SIM PIN)
- Security: More security settings: Encryption & credentials: Clear credentials (this may be a good idea if this is not a new phone)
- Location: Disable if you don’t use it, otherwise review apps and disable permissions accordingly
- Location: Location services: Disable all (emergency services will still be able to pull the information regardless if you call them)
- Passwords & accounts: Empty all saved passwords, use a password manager instead
- Google: Disable everything (exception: enable “Opt out of Ads Personalization”)
- Any settings not covered are personal preference and are unlikely to cause any privacy or security issues no matter how you set them.
- Note: it is possible to use an Android device without ever signing into a Google account for added privacy. This must be done during device setup. You can use F-Droid (or another client such as F-Droid Basic) to procure many open source apps, and Aurora Store as a proxy for the Play Store for anything else you can’t get on F-Droid. Note that with Aurora you will not be able to use Google to process app-related payments such as subscriptions or one-time payments to download the app. In these cases, it should be possible to sign into the Play Store exclusively without signing into Google on the entire device.
- Note: Android in particular is capable of a number of powerful, privacy- and security-enhancing strategies that iOS is not, such as the aforementioned “no account required,” alternative app stores, sideloading, user profiles, and much more. Some of these are advanced techniques, but not all, though many of them fall outside the scope of this site. For those using or considering an Android device, I strongly encourage you to check out Privacy Guide’s Android page to get an idea of some of the things your phone is capable of.
By enabling all of these settings, you are significantly reducing the amount of tracking and data collection these devices perform, but keep in mind that you are not completely eliminating it.