Most people fall into one of two extremes when it comes to device security.
- Many believe they’re not interesting enough to be targeted by online attackers and don’t take sensible precautions, like making sure every website account is protected with a strong, unique password. The truth is, most attacks these days come from bots, so whether or not you are interesting is irrelevant.
- Then there are those who see a bogeyman around every corner and refuse to use a password manager or biometric authentication because of ill-founded concerns about the security of the stored data. (Really, it’s OK.)
Today we want to provide some resources for a small third group: those who have a legitimate reason to fear being targeted by sophisticated digital attacks. These may be high-profile activists or politicians, senior executives in controversial business fields, high-profile government officials and employees with access to sensitive information.
For these groups, using a password manager and relying on biometric authentication should be their baseline security measures. Government intelligence and law enforcement agencies often employ hacking software, such as Pegasus, which can be installed on target iPhones through zero-click exploits such as simply receiving a malicious text message. Pegasus can read text messages, snoop on calls, collect passwords, track location, access the iPhone’s camera and microphone and harvest information from apps.
Apple is well aware of the risk to individuals who are most likely to be targeted. In November 2021, the company filed a lawsuit against Pegasus maker NSO Group. More practically, Apple introduced Lockdown Mode in iOS 16, iPadOS 16 and macOS 13 Ventura, significantly reducing the attack surface that spyware or hackers could exploit by limiting or blocking specific apps, websites and features.
Lockdown Mode Limitations
Before we explain how to turn on Lockdown Mode, it’s important to understand the impact it has on your Apple devices:
- Messages: Most message attachment types are blocked other than certain images, video and audio. Lockdown Mode also blocks links and link previews.
- Web browsing: Safari blocks complex Web technologies, potentially causing some websites to load slowly or not operate correctly. It may also block Web fonts and images, so sites may not display as designed.
- FaceTime: Incoming FaceTime calls are blocked unless you have previously called that person.
- Apple services: Invitations to Apple services, such as invitations to join the Home app, are blocked unless you have previously invited that person.
- Shared albums: Shared albums disappear entirely from the Photos app and shared album invitations are blocked.
- Device connections: If you want to connect an iPhone or iPad to a computer or accessory, you’ll need to unlock the device first. Similarly, connecting an M-series Mac laptop to an accessory requires explicit approval.
- Configuration profiles: Lockdown Mode prevents you from installing configuration profiles, and the device can’t be enrolled in Mobile Device Management.
The inconvenience these restrictions create is well worth the protection Lockdown Mode provides if you’re a sufficiently high-value target. But for the vast majority of Apple users, Lockdown Mode’s limitations would just cause confusion and annoyance.
Turning on Lockdown Mode
First, note that you must enable Lockdown Mode on each of your devices separately.
To enable Lockdown Mode on an iPhone or iPad, go to:
- Settings > Privacy & Security > Lockdown Mode (at the bottom)
- Tap Turn On Lockdown Modeon two separate screens. For the last step, tap Turn On & Restart and enter your passcode.
Once your iPhone restarts, it will work mostly the way you expect, apart from the limitations listed here. You may see notifications when an app has been limited in some way, and a banner appears in Safari to let you know you’re in Lockdown Mode.
On a Mac, turn on Lockdown Mode by going to:
- System Settings > Privacy & Security
- Scroll down to Lockdown Mode and click Turn On
- Authenticate, then click Turn On & Restart
As with the iPhone and iPad, Lockdown Mode mainly makes its presence known by displaying a banner in Safari; you may also receive notifications when an app or feature is limited.
Allow Certain Apps or Websites in Lockdown Mode
If you discover that a particular app or website isn’t operating correctly in Lockdown Mode, you can exclude it from Lockdown Mode’s protections. You’ll have to decide if it’s worth the added risk.
To manage exceptions on the iPhone or iPad, go to:
- Settings > Privacy & Security > Lockdown Mode
- Scroll to the bottom, tap Configure Web Browsing
- On the next screen, turn off the switch for the desired app
To exclude websites from Lockdown Mode, use Safari. Tap the AA button in the address bar, disable the Lockdown Mode switch, and tap Turn Off. The Lockdown banner changes to Lockdown Off to make sure you know that website is no longer being limited for your protection.
On the Mac, you can exclude websites in Safari, but not apps.
While on the site you want to exclude, choose:
- Safari > Settings for website.name
- In the popover that appears, deselect Enable Lockdown Mode and then click Turn Off when prompted
To reiterate, almost no one needs to enable Lockdown Mode. But if you qualify as a high-value target, it’s well worth using Lockdown Mode to reduce the chances that powerful forces will be able to compromise your iPhone, iPad or Mac. Contact us if you have questions: help@arobasegroup.com or 404.229.3118 to discuss these and other security measures to keep you and your business safe online.
About arobasegroup
arobasegroup has been consulting with clients and advising the best use of Apple Technology since 1998. We listen to our customers and solve problems by addressing their specific, unique needs; we never rely on a one-size-fits-all solution or require them to use a specific product. arobasegroup is your advocate in all things related to information technology. Contact us to learn how we can help: info@arobasegroup.com.
Keep Up-to-Date: An Invitation
Keep on top of all the latest Apple-related news via our social media feed. When you follow us on our social media channels, you will always be up-to-date with the most relevant Apple news and have easy access to tips and useful articles relevant for Apple, iPhone, iPad and Apple Watch users. You won’t want to miss these articles and suggestions. Please follow arobasegroup on LinkedIn by tapping here. Thank you!
(Featured image based on originals by iStock.com/Tero Vesalainen and matias giamportone)