Taking a moment to add an extra passcode to your iCloud account might save your skin if your iPhone is ever stolen by a shady character who’s eyeing you like a hawk. By default, your iPhone passcode is all someone needs to lock you out of your devices and wreak financial havoc on your life. And it’s not that difficult to capture your passcode if you tap into your phone in a public place.

In fact, a recent spate of coordinated scams have played out like this: A spy watches for anyone entering their iPhone passcode in a bar or other public place. Then, the device is yoinked out of the victim’s hands. And before they can do anything, they find themselves locked out of their own iCloud account. Soon, the criminals who stole the iPhone proceed to make unauthorized purchases, empty bank accounts and generally wreak havoc on the victim’s finances and personal life.

Luckily, setting up a second passcode just for iCloud can protect you from this type of criminal operation. I’ll show you how to keep these thieves at bay — and offer some additional advice for keeping your account secure.

It’s World Backup Day, a good opportunity to take a close look at the backups your iPhone makes to iCloud. Are you running out of iCloud storage space? Living with a slow internet connection? Worried about privacy? In any of these cases, you might want to exclude some apps from your iCloud backups. Doing so will save iCloud storage space and conserve bandwidth.

The good news is that it’s easy to exclude pretty much anything you like from your iCloud backups in iOS. Here’s how.

I always use Apple’s privacy-focused Sign in with Apple and Hide My Email services whenever I get the option.

The Sign in with Apple feature, which lets you log into third-party accounts using your Apple ID while keeping your personal info private, is so easy to use that I utilize it everywhere. But that also means my disguised logins pile up, accumulating in the digital junk drawer that is iCloud Settings.

I’ll show you where you can find, manage or delete these accounts. Perhaps you’re jumping ship from iPhone to Android, and you want to make sure you still have another way of signing into your Chipotle account.

The Hide My Email service is similar. It creates a temporary email address that forwards to your real one — handy if you’re signing up for a shady website, or if you need a public contact email. I’ll show you where you can create new ones and delete the old ones.

A second round of ‘Rapid Security Response’ bug patches for the iOS 16.2 and iPadOS 16.2 betas were seeded to developers and other beta testers on Monday. At this point, Apple is testing the system for distributing these by releasing them for beta versions of the operating systems.

Once testing is over, these will allow Apple to fix security problems without releasing a full OS update.

PayPal just adopted passkeys as an easy and secure log in method for user accounts. Users with an iPhone, iPad or Mac will be the first able to take advantage of the passwordless biometric security system because Apple built support for it into its devices.

Passkeys are an improvement over passwords, as they can’t be phished, stolen or guessed.

The web browser built into the TikTok iPhone app can monitor your keystrokes. A developer who researched the software called it “the equivalent of installing a keylogger,” and warns that it can potentially grab passwords and credit card info.

A similar warning went out recently about the browsers built into Facebook and Instagram.

A recent macOS Monterey update deals with a nasty security problem in WebKit. But Apple is aware many users don’t upgrade to the latest operating system versions, so it also released Safari 15.6.1. The web browser update allows anyone using older macOS versions to avoid the vulnerability.

The browser update is free and available now.

Apple developed Automatic Verification to let iPhone, Mac and iPad users bypass those irritating CAPTCHA image tests that websites use to confirm that someone is a human and not a bot.

Cloudflare and Fastly, big cloud computing companies that power tons of websites, are already on board to adopt the new system.

Cybersecurity is no joke, even if you only use the internet to browse social media and shop online. Without thorough security in place, your personal information is at risk and could be sold or used against you. And targeted ads are just annoying.

The Deeper Connect Mini decentralized VPN and firewall is a simple-to-use hardware virtual private network that can protect your identity online and shield you from threats. And for a limited time, it’s on sale for $349.

Apple is in the process of upgrading Apple Pay fraud prevention features for cards stored in the Wallet app on iPhone and Apple Watch, starting with Visa cards.

Some users have already started noticing a new “Enhanced Fraud Prevention” alert badge.