Securing Mobile: Settings
See my criteria for this page here.
iOS 15
- Apple ID: Password & Security: Two-Factor Authentication: On
- Apple ID: iCloud: Disable everything
- Wi-Fi: Wi-Fi should be disabled when you are not actively connected to a network.
- Wi-Fi: Ask to Join Networks: Off
- Wi-Fi: Auto-Join Hotspot: Off
- Bluetooth: Off unless needed.
- Cellular: SIM PIN: Create a custom PIN
- Cellular: Disable Cellular Data for any apps you don't need 24/7 access to.
- Notifications: Scheduled Summary: Off
- Notifications: Show Previews: Never
- Notifications: Screen Sharing: Off
- Notifications: Siri Suggestions: Allow Notifications: Off
- General: Software Update: Automatic Updates: On
- General: AirPlay & Handoff: Disable all
- General: Background App Refresh: Off
- Display & Brightness: Auto-Lock: the shortest option you can reasonably put up with. Do not set it to leave the screen turned on.
- Display & Brightness: Raise to Wake: Off
- Wallpaper: It is encouraged to pick a lock screen that does not contain any sensitive images, like pictures of your family.
- Siri & Search: Disable everything completely
- Touch ID & Passcode: Turn Passcode On: Try to set a password if possible, otherwise use a six-digit PIN
- Touch ID & Passcode: Require Passcode: Immediately
- Touch ID & Passcode: Allow Access When Locked: the fewer the better
- Touch ID & Passcode: Erase Data: Enabled (Beware of this setting, make sure you understand it).
- Exposure Notifications: Using these is discouraged unless required by law, but it is ultimately up to you.
- Privacy: Location Services: Disable for everything except navigation apps, and set those to "While Using"
- Privacy: Location Services: System Services: Disable all (trust me, it won't cause any problems)
- Privacy: Location Services: Significant Locations: Disable and Clear History
- Privacy: Tracking: Allow Apps to Request to Track: Off
- Privacy: review all the other app settings and make sure apps only have access to the settings they actually need. Otherwise, disable them. Disable as many as you can without breaking the app functionality.
- Privacy: Analytics & Improvements: Share iPhone Analytics: Off
- Privacy: Apple Advertising: Personalized Ads: Off
- Finally, scroll back to Screen Time: Content & Privacy Restrictions: Enable, and set every setting to "Don't Allow." This will ensure that Apple doesn't make any changes to your privacy settings automatically when updating the OS.
- App Store: App Updates: On
- App Store: Personalized Recommendations: Clear App Usage Data
- Wall & Apple Pay: Turn everything off. You should not use this feature if possible.
Passwords: Clear this section out and turn everything off. Use a password manager instead. - Phone: Notifications: off (if you plan to use Voice-over-IP)
- Phone: Silence unknown callers: on
- Messages: Notifications: off (if you plan to use Voice-over-IP)
- Messages: iMessage: off (if you plan to use Voice-over-IP)
- Messages: Keep Messages: 30 Days
- Maps: Share ETA: Off
- Health: Medical ID: I actually encourage you to set this up in case of emergency. Saving a life should always be prioritized over privacy.
- Photos: Disable all
- Game Center: Disable
- Now scroll back up to Screen Time: Content & Privacy Restrictions: Allowed Apps: Disable all (except maybe Camera if you use that, you should not be using any other apps).
- Screen Time: Content & Privacy Restrictions: Privacy & Allowed Changes: Set all to "Don't Allow." This will prevent changes from being made on your behalf next time you update.
- Any settings not covered are personal preference and are unlikely to cause any issues no matter how you set them.
Android 12
- Network & internet: Private DNS: Private DNS provider hostname: Any provider from this list
- Connected devices: Connection preferences: Bluetooth: Disabled when not in use
- Connected devices: Connection preferences: Printing: Default Print Service: Use Print Service: Disabled
- Connected devices: Connection preferences: Nearby Share: Off
- Connected devices: Connection preferences: Android Auto: Disabled
- Apps: All apps: Uninstall or disable any apps you don't use.
- Apps: Default apps: See Securing Mobile: Replacement Apps
- Apps: Default apps: Home app: Swipe to access Google app: disabled
- Apps: Default apps: Home app: Overview suggestions: disabled
- Notifications: Notification history: Disabled
- Notifications: Bubbles: Disabled
- Notifications: Device & app notifications: Review settings
- Notifications: Notifications on lock screen: "Don't show any notifications"
- Notifications: Enhanced notifications: off
- Display: Lock screen: Don't show notifications at all
- Display: Screen timeout: Shortest duration you are comfortable with
- Display: Wallpaper & style: Change wallpaper: Set your lock screen to something generic and non-personal (no family photos, etc)
- Accessibility: Text-to-speech output: Preferred engine settings: Anonymous usage reports: Off
- Security: Screen lock: Strong password preferred, followed by PIN, Pattern, and Swipe.
- Security: Screen lock: After enabling: "Don't show notifications at all" or "Show sensitive content only when unlocked."
- Security: Smart Lock: Not recommended
- Security: SIM card lock: Enable (contact your provider for the SIM PIN)
- Security: Encryption & credentials: Encrypt phone: Enabled
- Security: Encryption & credentials: Clear credentials (this may be a good idea if this is not a new phone)
- Security: Trust agents: Disabled
- Privacy: Privacy dashboard: Review and know where to find it and how to read it. This is a useful tool
- Privacy: Permission manager: Review each category and app.
- Privacy: Show passwords: Disabled
- Privacy: Notifications on lock screen: "Don't show notifications at all" or "Show sensitive content only when unlocked."
- Privacy: Personalize using app data: Disabled
- Privacy: Autofil service from Google (if in use): Use Autofill with Google Disabled
- Privacy: Google location history: Disable if signed in
- Privacy: activity controls: Review if signed in
- Privacy: Ads: Opt out of Ads Personalization: Enabled
- Privacy: Usage & diagnostics: Disabled
- Location: Disable if you don't use it, otherwise review apps and disable permissions accordingly
- Safety & emergency: Emergency Location Services: Disabled (they will pull the information regardless if you dial emergency services)
- Passwords & accounts: Empty all saved passwords, use a password manager instead
- Google: Disable everything (exception: enable "Opt out of Ads Personalization")
By enabling all of these settings, you are significantly reducing the amount of tracking and data collection these devices perform, but keep in mind that you are not completely eliminating it.