how to

How to lock down your iCloud with Apple's Advanced Data Protection

Turning on Apple’s new Advanced Data Protection feature is easy and could help protect sensitive information in the event your account is hacked.

by Alyson Velati
CHINA - 2022/07/25: In this photo illustration, the American file hosting service company owned by A...
SOPA Images/LightRocket/Getty Images

iCloud has come a long way since the days of scandalous celebrity hacks, but that doesn’t mean Apple’s pursuit of buttoned-up security is done. Recently, Apple released a much-anticipated new end-to-end encryption feature that protects most of your iCloud data.

With “Advanced Data Protection,” not even Apple has access to your data. The company claims Advanced Data Protection, which is part of the iOS 16.2 update, can safeguard your information even if your iCloud is breached.

If you’re interested in locking down your iCloud further (or why you may or may not want to do so), here’s how to turn Advanced Data Protections on and what it covers.


First, you’ll need to make sure you turn on two-factor authentication for your Apple ID, have a passcode for your device, and have a recovery contact or recovery key.

To set up a recovery contact, you can assign someone you trust who has an Apple device to help recover your account. All you have to do is send them a message that gives them a link to help them recover your account in the future. A recovery key is a 28-character key that you can use to unlock your account. But make sure you write down the key to this code. If you lose it, you can be locked out of your account forever.

Enabling Advanced Data Protection is as simple as toggling a switch.

After you checked all of those boxes, you can go into your settings, tap your name, and then tap iCloud. Scroll down to Advanced Data Protection and turn it on. Yes, it’s that easy.

If you decide you don’t need that extra security, you can simply turn it off and your device will switch back to standard data protection.

One thing to note is you cannot turn on Advanced Data Protection on managed Apple IDs and child accounts.


Certain categories are already protected with end-to-end encryption without enabling Advanced Data Protection:

  • Passwords and Keychain
  • Health data
  • Home data
  • Messages stored on the cloud
  • Payment information
  • Apple Card purchases
  • Maps
  • Quick Keyboard learned vocabulary
  • Safari
  • Screen Time
  • Siri information
  • Wi-Fi passwords
  • W1 and H1 Bluetooth keys
  • Memoji

Here are the categories that are now protected with end-to-end encryption with Advanced Data Protection:

  • iCloud Backup (including device and Messages backup)
  • iCloud Drive (includes Pages, Keynote, and Numbers documents, PDFs, Safari downloads)
  • Photos
  • Notes
  • Reminders
  • Safari Bookmarks
  • Siri Shortcuts
  • Voice memos
  • Wallet passes


SOPA Images/LightRocket/Getty Images

The most obvious benefit of Advance Data Protection is the extra security, which could be especially handy if you’re in a profession that entails a high degree of sensitivity, and/or deals with confidential information. As a journalist, for example, knowing that my notes, voice memos, and Messages are shielded from potential hackers is crucial.

But with every new app rollout, comes some potential issues. As mentioned, your Apple device must be updated to the latest version of iOS before you can even enable Advanced Data Protection.

As noted in an Apple support document:

This requirement prevents a previous version of iOS, iPadOS, macOS, tvOS, or watchOS from mishandling the newly-created service keys by re-uploading them to the available-after-authentication HSMs in a misguided attempt to repair the account state.

The problem for any new Apple product, whether it’s an iPhone, iPad, Mac, Apple TV, Apple Watch, or a HomePod, is that it could be difficult to set up the new protection if it needs to be synced to an Apple ID.

As noted by AppleInsider, in order to update your Apple Watch and HomePod, you need to be linked to an Apple account first. As a workaround, you may want to consider shutting off Advanced Data Protection, and then setting up the new watch or HomePod, updating it, and then turning Advanced Data Protection back on. This could potentially avoid any pesky pitfalls that would prevent you from updating or accessing devices.

Luckily, since Advanced Data Protections is turned off by default, it will be entirely your choice whether you want to risk future hassles for added security. And besides, toggling a few switches in your settings app may be a lot more convenient than having your iCloud hacked.

Related Tags