How to turn on Advanced Data Protection for iCloud

Advanced Data Protection for iCloud offers our highest level of cloud data security and protects the majority of your iCloud data using end-to-end encryption.

About Advanced Data Protection for iCloud

Advanced Data Protection for iCloud is an optional setting that offers Apple’s highest level of cloud data security. If you choose to enable Advanced Data Protection, the majority of your iCloud data — including iCloud Backup, Photos, Notes, and more — is protected using end-to-end encryption. No one else can access your end-to-end encrypted data, not even Apple, and this data remains secure even in the case of a data breach in the cloud. Before you turn on Advanced Data Protection, you can learn more about how your data is protected with standard data protection and if you enable Advanced Data Protection.

Before you turn on Advanced Data Protection, you’ll be guided to set up at least one alternative recovery method: a recovery contact or a recovery key. With Advanced Data Protection enabled, Apple doesn't have the encryption keys needed to help you recover your end-to-end encrypted data. If you ever lose access to your account, you’ll need to use one of your account recovery methods — your device passcode or password, your recovery contact, or recovery key — to recover your iCloud data.

Your device passcode or password is the passcode on your iPhone or iPad, or the login password on your Mac that you set to protect your device and enable two-factor authentication. It’s also used to reset your Apple ID password and to recover your end-to-end encrypted data if you lose access to your account.

A recovery contact is a trusted friend or family member who can use their Apple device to help you regain access to your account and data. They won’t have any access to your account, only the ability to give you a code to help you recover your account. Learn more about recovery contacts.

A recovery key is a secret 28-character code that you can use, along with a trusted phone number and an Apple device, to recover your account and data. Learn more about recovery keys.

Note: Your account recovery methods are never shared with or known to Apple.

Requirements

To turn on Advanced Data Protection for iCloud, you need:

  • An Apple ID with two-factor authentication.

  • A passcode or password set for your device.

  • At least one account recovery contact or recovery key. If you don't already have one, you'll be guided to set one up when you turn on Advanced Data Protection.

  • Updated software on all of the devices where you're signed in with your Apple ID:

    • iPhone with iOS 16.2 or later

    • iPad with iPadOS 16.2 or later

    • Mac with macOS 13.1 or later

    • Apple Watch with watchOS 9.2 or later

    • Apple TV with tvOS 16.2 or later

    • HomePod with software version 16.0 or later

    • Windows computer with iCloud for Windows 14.1 or later

Managed Apple IDs and child accounts are not eligible for Advanced Data Protection.

How to turn on Advanced Data Protection for iCloud

You can turn on Advanced Data Protection on an iPhone with iOS 16.2, iPad with iPad OS 16.2, or a Mac with macOS 13.1. Turning on Advanced Data Protection on one device enables it for your entire account and all your compatible devices.

On iPhone or iPad

  1. Open the Settings app.

  2. Tap your name, then tap iCloud.

  3. Scroll down, tap Advanced Data Protection, then tap Turn on Advanced Data Protection.

  4. Follow the onscreen instructions to review your recovery methods and enable Advanced Data Protection.

On Mac

  1. Choose Apple menu  > System Settings.

  2. Click your name, then click iCloud.

  3. Click Advanced Data Protection, then click Turn On.

  4. Follow the onscreen instructions to review your recovery methods and enable Advanced Data Protection.

If you’re not able to turn on Advanced Data Protection for a certain period of time, the onscreen instructions may provide more details.

If one of your devices prevents you from turning on Advanced Data Protection, you can choose to remove that device from your Apple ID device list and try again. While Advanced Data Protection is enabled for your account, you can sign in with your Apple ID only on devices that meet the software requirements listed above.

Web access to your data at iCloud.com

When you turn on Advanced Data Protection, access to your iCloud data on the web at iCloud.com is disabled to ensure that your data is available only on your trusted devices. If you turn on web access again, you can use one of your trusted devices to approve temporary access to your data on the web. Learn how to access your iCloud data on the web.

Sharing and collaboration

Advanced Data Protection is designed to maintain end-to-end encryption for shared content as long as all participants have Advanced Data Protection enabled. This level of protection is supported in most iCloud sharing features, including iCloud Shared Photo Library, iCloud Drive shared folders, and shared Notes.

iWork collaboration, the Shared Albums feature in Photos, and sharing content with “anyone with the link,” don’t support Advanced Data Protection. This means the shared content is not end-to-end encrypted even when Advanced Data Protection is enabled. These services are secured using standard data protection.

How to turn off Advanced Data Protection for iCloud

You can turn off Advanced Data Protection at any time. Your device will securely upload the required encryption keys to Apple servers, and your account will once again use standard data protection.

  • iPhone or iPad: In Settings, tap your name, then tap iCloud. Then scroll down and turn off Advanced Data Protection.

  • Mac: In System Settings, click your name, then click iCloud. Then click Advanced Data Protection and click Turn Off.

Published Date: