Your iPhone runs on your Apple Account (still often called your Apple ID), and it is the master key to far more than the handset in your hand. Anyone who knows the password can sign in at icloud.com in any browser — or set up a spare device — and quietly read your messages, open your photos, see your contacts and follow your location through Find My, with nothing installed on your phone for a scan to find. Locking this one account down is the single most important thing you can do to stop being watched.
Start with a private email you control
Every step below hangs off the email your Apple Account is built on, so it's worth getting that right before you touch anything else. The strongest foundation is a fresh, end-to-end encrypted Proton Mail address that no one else has ever had access to. Set one up, secure it with its own strong password and two-factor, and then use it as the private email in Step 1 below — everything you do after that rests on an inbox only you can reach.

Secure your Apple Account, step by step
Open your Apple Account settings
Open Settings and tap your name at the very top to open your Apple Account. This is the home for everything that follows — your sign-in details, trusted devices and recovery options all live here.
Opening the Apple Account screen on iPhone: Home screen, tap Settings, then tap your name at the top
Put it on an email only you control
Your Apple Account is reached through the addresses listed under Sign-In & Security → Email & Phone Numbers — whoever can receive a reset code at one of them can take the account over. The strongest move is to put it on a private inbox no one else can touch. Tap Add Email or Phone Number → Existing Email Address, enter your Proton Mail address, and verify it with the code Apple sends. Then switch on Primary Email so your new address becomes the one the account runs on.
Email & Phone Numbers
yourname@gmail.com
Primary email
These addresses and phone numbers can be used to sign in, verify your identity, and help recover your account.
Security
Your trusted devices and phone numbers are used to verify your identity when signing in.
Recovery Methods
Regain access to your account and data if you forget your password or device passcode.
A legacy contact is someone you trust to have access to the data in your account after your death.
iPhone Sign-In and Security, Email and Phone Numbers, tapping Add Email or Phone Number and entering a private Proton address
Then remove the old email
Once the new address is verified and set as your Primary Email, go back and remove the old one: tap it in the list and choose Remove Email Address. An old or shared inbox that can still receive your sign-in codes and reset links is exactly the back door you're closing here.
An @icloud.com address will stay
If one of the addresses ends in @icloud.com, you won't be able to remove it — it's part of the Apple Account itself, not a separate inbox. That's fine: it isn't an external email someone else could take over, so it doesn't carry the same risk as an old third-party address.
Set a strong, unique password
Change your password to something long and unique that you use nowhere else, so an old data breach can't unlock it — a password manager like Proton Pass can generate and store it for you. On your iPhone, tap Sign-In & Security → Change Password and confirm with your device passcode. Changing it also signs out most other active sessions, which is a clean break if someone has quietly been signed in elsewhere.
Changing the Apple Account password: Sign-In and Security, Change Password, device passcode, then the new password sheet

Tighten your two-factor authentication
Apple's two-factor authentication works differently from most services — there is no authenticator app. A new sign-in is approved by one of your existing Apple devices, or by a code sent to a trusted phone number. So tightening it means tidying that list: under Sign-In & Security → Two-Factor Authentication, remove any trusted phone number that isn't yours, and sign out old devices that can no longer update to the latest version (roughly six years and older) along with anything you no longer use. Every device on the list is another place your approval codes can appear.
Sign-In and Security, Two-Factor Authentication: trusted devices and a phone number, with an out-of-date iPhone flagged to sign out
Why a trusted phone number stays
You'll need to keep at least one trusted phone number, and a number tied to iMessage or FaceTime can't be removed. A phone number isn't the strongest second factor — it can be SIM-swapped — but Apple builds in a deliberate recovery delay when someone tries to get back in using only a phone number rather than approving from a trusted device. So keep a trusted device you control as your main key.
Remove your recovery contacts
A recovery contact is someone you trust to help you back into your account if you're ever locked out. It's a genuinely useful feature — but it also means your account's security now leans on the security of their account and device, which is completely out of your control. If one is set, weigh that up and consider removing it: under Sign-In & Security → Recovery Contacts, tap the contact and choose Remove Contact.
Sign-In and Security, Account Recovery, reviewing recovery contacts and recovery key with an unknown contact flagged
Add a recovery key
With recovery contacts cleared, a recovery key hands recovery back to you alone — a 28-character code only you hold. Turn it on under Sign-In & Security → Recovery Key, then write the code down and store it somewhere safe and offline, away from your devices. The trade-off: switching it on turns off Apple's standard account recovery, so this key becomes your way back in if you ever forget your password and passcode — lose it and even Apple can't restore the account. Kept safe, it's the strongest lock you can put on your Apple Account.
Sign-In and Security, Recovery Key: turning on a recovery key and saving the 28-character code
Turn on Advanced Data Protection
Finally, switch on Advanced Data Protection — the strongest setting Apple offers. Normally Apple holds the keys to most of your iCloud data (backups, Photos, Notes and more), which means it can be handed over or exposed in a breach. With Advanced Data Protection on, that data becomes end-to-end encrypted: only your trusted devices can unlock it, and not even Apple can read it. From your Apple Account → iCloud, scroll to Advanced Data Protection and turn it on — you'll confirm with the recovery key you just made and your passcode. This is exactly why the recovery key matters: it becomes the master key only you hold.
Apple Account, iCloud, Advanced Data Protection: turning on end-to-end encryption and verifying with the recovery key and passcode
Close the iCloud.com web gateway
One door is still open: your iCloud data can be reached from any web browser at iCloud.com, using just your email and password. If you only ever use your own Apple devices, shut that gateway. From Apple Account → iCloud, scroll down and tap iCloud.com, then switch off Allow Data Access and Allow Search. Your data stays reachable on your trusted devices, but the browser sign-in that an attacker could use is closed off.
Apple Account, iCloud, iCloud.com: turning off Allow Data Access and Allow Search to disable web access
Turn on Stolen Device Protection
One gap is left that nothing above can close on its own: someone who has your unlocked iPhone and your passcode — a thief who watched you type it in, or anyone you've shared it with — could sit down and quietly undo everything, changing your password and these very settings in seconds. Stolen Device Protection is built for exactly that situation.
Turn it on under Settings → Face ID & Passcode → Stolen Device Protection. It defaults the delay to Away from Familiar Locations — we'd change Require Security Delay to Always, so the protection applies everywhere, not just away from places your iPhone treats as home or work.
Settings, Face ID and Passcode, Stolen Device Protection: turning it on so passcode-only changes are blocked away from familiar locations
What it locks down
With it on, the most sensitive actions — changing your Apple Account password, turning off Find My, erasing the device or altering these security settings — require Face ID or Touch ID with no passcode fallback, plus a one-hour security delay followed by a second Face ID check for the riskiest changes. The result: even armed with your passcode, a thief can't take over your account or lock you out before you've reported the phone lost.
Already worried it's in place?
These steps lock the account down. To find monitoring that may already be running — forwarded messages, shared location, rogue profiles — check the settings someone can abuse on the iPhone itself.
Written by
Jordan Dickson, Founder, CyberSecurityGuides
Founder of CyberSecurityGuides, writing practical, jargon-free guides that help everyday people recover from and protect against online attacks.
Reviewed by CSG Security Engineers