How to secure iPhone data with pair locking and supervision

Alexandra Petruș

От Alexandra Petruș

обновленный

Посмотрите, как я квалифицирован, чтобы написать эту статью

In this article we're going to take a closer look at an obscure but highly effective way of increasing your phone's security: pair-locking.

What is pairing?

Pairing creates a trusted connection between your iPhone and a computer. For example, when you connect your iPhone with a USB cable, you are asked to grant full access and once accepted, pairing takes place and a trusted key is kept for future connections. A connection is created between your iPhone and your computer so that applications like iTunes can communicate with your device. The bad news is that forensic applications which might harvest your data can use the same connection key to remotely communicate with your iPhone.

Once an iPhone is paired with a computer, that computer will have full access to all the personal information stored on your device. This means the computer will have access to all photos, notes, videos, messages, and -- with the right knowledge -- hackers can even break passwords from third-party applications. Your iPhone can be accessed even when it's locked with a PIN code.

What is pair-locking?

By pair-locking your iPhone you're basically blocking any forensic application that tries to communicate with your iOS device, by preventing new pairings. You're pairing it with a single computer -- yours -- and preventing it from ever pairing with any other.

Is your iPhone paired with your computer already?

A private key is being created when paired your iPhone. This key is stored both on your iPhone and on the computer you have paired with. You can find a pairing record of your device easily, like this:

  • On macOS, open Terminal and paste the following: open /var/db/lockdown
  • If you are using Windows, go to %ProgramData%/Apple/lockdown in Explorer

Steps you need to take to pair-lock your iPhone

  1. Download Apple Configurator from the App store on your Mac and open it

  2. Click "Prepare"

    Apple Configurator's "Prepare" button
    Apple Configurator's "Prepare" button

  3. Choose any name you would like and toggle on "Supervision"

  4. Uncheck the box "Allow devices to connect to other Macs"
  5. Create a new profile by clicking on the plus sign at the bottom of Apple Configurator

    Creating the pairing profile in Apple configurator
    Creating the pairing profile in Apple configurator

  6. You can use any name you would like for this profile, then click on "Restrictions" and on "Configure"

    Restrict your iPhone
    Restrict your iPhone

  7. Uncheck "Allow pairing with non-Configurator hosts" to disable pairing, then click "Save"

    Enable pair-locking for iPhone or iPad
    Enable pair-locking for iPhone or iPad

  8. Select your newly created profile and click on "Prepare"

    Sync pair locking profile
    Sync pair locking profile

  9. Fill in the organization information: only the name field is required, and you can input anything you would like on phone, email and address

  10. Connect your iPhone or iPad and click "Done"
  11. You'll get a warning message asking if you are sure you want to apply these settings to all connected USB devices, click "Apply" and your device will only be accessible from the computer you've paired with

    Apply changes to USB devices with Apple configurator
    Apply changes to USB devices with Apple configurator

Just remember: if you do this, you won't be able to sync or connect your iPhone with any other computer. But neither will the bad guys.

Об авторе

Alexandra Petruș served as Reincubate's VP of Product for a number of years and remains a friend of the company. She's recognised as a Google Developer Expert for Product Strategy, and is a co-founder of Bucharest AI.

Генеральный директор Reincubate в Букингемском дворце

На снимке выше - встреча членов команды Reincubate Ее Величества Королевы Елизаветы Ⅱ в Букингемском дворце, после того как она была удостоена высшей бизнес-награды Великобритании за нашу работу с технологиями Apple. Прочитайте нашу позицию о конфиденциальности, безопасности и сохранности .

Можем ли мы улучшить эту статью?

Нам нравится слышать от пользователей: почему бы не написать нам электронное письмо, оставить комментарий или написать в Твиттере @reincubate?

Как мы можем помочь?

Наша служба поддержки здесь, чтобы помочь!

Наши рабочие часы - с понедельника по пятницу, с 9:00 до 17:00 по Гринвичу.

Мы стремимся отвечать на все сообщения в течение одного рабочего дня.

Связаться › Наша отличная команда поддержки

© 2008 - 2019 Reincubate Ltd. Все права защищены. Registered in England and Wales #5189175, VAT GB151788978. Reincubate® is a registered trademark. Защита & Условия. Мы рекомендуем 2FA. Построен с в Лондоне.