How to make iCloud more secure with Advanced Data Protection

How to make iCloud more secure with Advanced Data Protection

By

You now have the option to have more of your iCloud files encrypted, including images. Here's how.
The latest versions of Apple's operating systems give you the option to encrypt more of your iCloud files, including images.
Photo: Cult of Mac

Apple recently added end-to-end encryption for more types of iCloud data. Now, you can turn on Advanced Data Protection to encrypt iCloud Photos, Notes and more. Activating this new security feature is easy … once you find the switch buried in Settings.

We can save you some time. Here’s how and why you should activate it.

New critical iCloud encryption

Advanced Data Protection for iCloud is all about encryption. This converts data into a form that can only be unlocked with a passcode. The user is the only one with access to that passcode. Without it, not even Apple can decrypt a file.

Encryption isn’t new to iCloud. Previously, Apple’s cloud-storage service offered end-to-end encryption for 14 data categories. Thanks to Advanced Data Protection for iCloud, that number increases to 23.

Perhaps most notably, that includes images stored on the service. Apple dropped its controversial plan to scan users’ photos for child sexual abuse material. Instead, it gives users the option to block anyone else from ever accessing them.

The new Advanced Data Protection for iCloud feature is part of iOS 16.2, macOS Ventura 13.1 and iPadOS 16.2. That said, it is currently only available in the United States. Apple promises the feature will start rolling out to the rest of the world early this year.

How to activate Advanced Data Protection for iCloud

A screenshot of an iPhone's Settings app shows how to activate Advanced Data Protection for iCloud. Follow these simple steps to encrypt more iCloud data.
Follow these simple steps to encrypt more iCloud data.
Screenshots: Apple/Cult of Mac

Turning on Advanced Data Protection for iCloud is easy. Finding the switch is not. It’s buried deep in the Settings app. Here’s a step-by-step guide to locating it on an iPhone or iPad. The macOS process is very similar.

  1. Open the Settings app.
  2. Tap your name near the top of the screen to open Apple ID settings.
  3. Then tap on iCloud.
  4. Tap on Advanced Data Protection
  5. This opens a screen with an overview of the new privacy feature. At the bottom, tap on Turn On Advanced Data Protection.

Important: Set up Account Recovery

An iPhone screenshot of the Settings app showing Advanced Data Protection for iCloud recovery options: Your options when using Advanced Data Protection for iCloud are to name a recovery contact or create a recovery key.
Your options when using Advanced Data Protection for iCloud are to name a recovery contact or create a recovery key.
Screenshots: Apple/Cult of Mac

Encryption is for keeps. If you lose/forget your Apple ID password, everything you encrypted will remain locked away forever. Begging Apple to help recover the only pictures of your newborn baby won’t help, because Apple doesn’t have the passcode.

That’s why Apple’s encryption system for iCloud requires you to set up a method to recover your account. Setting this up is as complicated as activating Advanced Data Protection gets … which isn’t very complicated.

You have two options:

  1. You can name someone as your Recovery Contact that can “generate a code from their Apple device to help you get your data back,” Apple says. That person cannot access your data without you.
  2. Alternatively, your iPhone can generate a 28-character Recovery Key that you can use to give yourself access to your account.

Data types protected by Advanced Data Protection for iCloud

It’s important to know what types of iCloud data are encrypted once you turn on Advanced Data Protection — and which aren’t. Activating the feature will turn on encryption for:

  • Device and Messages backups
  • iCloud Drive
  • Notes
  • Reminders
  • Voice Memos
  • Photos
  • Siri Shortcuts
  • Safari Bookmarks
  • Wallet Passes

iCloud already offered end-to-end encryption on a variety of other data, including passwords in iCloud Keychain and everything in Health data. Switched on by default, you cannot deactivate it.

But not everything in the cloud-storage system is encrypted. As Apple notes, “The only major iCloud data categories that are not covered are iCloud Mail, Contacts, and Calendar because of the need to interoperate with the global email, contacts, and calendar systems.”