The biggest tip from my setup is I have a dedicated email address for iCloud thatís separate from my iTunes account. This sort of happened by accident, but over the years Iíve come to appreciate the advantages.
One big problem with iCloud security is itís difficult to have a long and complex password on mobile devices. While TouchID makes big strides here, itís still a real pain to keep typing in a quality password. And you do need a quality password for an account holding important things such as your device backup, phone location data, calendars, device kill switch, and of course photo stream. Certainly it would suck if someone got my AppleID, but Iíve got protection from my credit card on fraud. No one has my back on the iCloud stuff. So by having a separate, dedicated, and secret email for iCloud not only does it make it more difficult for someone to get my login info, but I can secure it with a proper password and not be a major inconvenience.
The key here is you donít want to link your iCloud and AppleID as a backups. Also, you want to make sure this is a dedicated email address so no one can scrape it or phish it from you. Donít email anyone with this account and donít use it for a login anywhere else. I highly recommend 1Password for password management and keep the account in there. You can just cut/paste when you do need to use it.
The other stuff is pretty obvious, I think. Utilize 2-step verification. Your password is only as strong as the recovery system, and this is a good counter-measure. Also use 2-step verification on whatever email system youíre using for youíre iCloud account. Also, make use of the Notification Email Address. Send it to a work address or some other address not tied to your Apple accounts. This will at least alert you if someone makes changes to your account. And use the pin lock on your phone and keep track of your phone. Another thing to consider is avoiding free public WiFi, but thatís a tough one, so Iíd say stick with the trusted hotspots and ensure youíre connecting to the correct network.
Beyond that, youíll want to limit what is stored in the cloud. The cloud is super convenient, so one way to deal with privacy and cloud storage is to utilize encrypted disk images. iCloud doesnít support this now, but it looks to with iOS 8 and Yosemite. OS Xís Disk Utility can create sparse bundle images with 256-bit keys that are very convenient and easy to use. In general, you donít want to depend on a cloudís encrypted system because if their security is compromised, an intruder may also have compromised their encryption system. But ultimately, how you use the cloud directly correlates to your risks.
Lastly, Apple can do better. On a recent podcast we talked about the idea Apple needs the ability to see what devices are active on the account. And then have the ability to revoke access via the AppleID system. Dropbox works similar to this. Not only does it give an overview of which devices currently has access, but lets users control that access.
- Speed tests on MacBook Pro SSD speeds
- Apple Watch OS 1.0.1 Released
- Apple TV set reported abandoned
- MacBook Pro gains Force Touch, iMac 5K gets new pricing
- Video: How to sign/encrypt email using OS X Mail and a secure certificate authority CA
- LifeProof ships water-proof battery backup case
- Apple Watch lacks anti-theft security
- iGrill thermometer comes to the Apple Watch
- Apple Pay chipping away at Walmart backed CurrentC
- Safari on the Apple Watch
- Vulnerability found with MacKeeper
- Mac App Store sales
- Reserve Strap and the secret Apple Watch plug
- Apple Watch Review Diary: UX, odds and ends
- Apple Watch Review Diary - Battery: First Full Week
- Podcast: Thoughts on the Apple Watch
- Apple Watch Review Diary - Notifications
- Apple's supply chain and the defective taptic engine part
- Apple Watch Review Diary - Fitness Features/Tracker
- Apple Watch Review Diary - Productivity Apps: OmniFocus, Trello, Evernote IFTTT
- Tattoos and Apple Watches may not mix
- Apple Watch Review Diary - Making/Receiving Phone Calls
- Apple Watch Review Diary - Siri
- Apple Watch Review Diary - Maps/Navigation
- Apple Watch Review Diary - The Controls
Browse and search for more articles