Summer is here, and that means vacation travel is up. At U.S. borders, customs officers may ask for your passwords to unlock your devices, or provide access to online accounts, especially social media.
According to many experts, you can refuse, but your devices could be seized and retained for an extended period of time and/or the data copied (even if it’s encrypted and effectively unretrievable). If you’re not a permanent resident of the U.S., you might be denied entry.
If you're worried that you might have to hand over a device with valuable information, then consider this: the less data on hand, the less risk of exposure you have. With this in mind, you could choose to agree to allow device inspection, because there would be nothing of importance to disclose.
This isn't about guilt or crime, it’s about the right to privacy in a digital age and opposing government overreach. Here are a few ways you can protect yourself and your data while traveling with your Mac, iPhone, or iPad.
Wipe your Mac and install from scratch
Mac users might want to leave the laptop behind and go with an iPad with a keyboard or even a “burner” Chromebook—an inexpensive laptop you literally destroy after a trip. Or you could fully clone your Mac, wipe it, reinstall macOS, and not connect to iCloud or other services. If you’d prefer to cleanse an existing setup, see a later section in this article.
You need to enable FileVault before cloning and erasing your Mac, because otherwise data might remain recoverable from the previous installation. Here are our instructions for turning on FileVault.
(Note that with a solid-state drive, if you didn’t have FileVault enabled from the moment you started using it, before you copied or created any data on the drive, there’s a remote risk that a deep forensic sweep could recover unencrypted information. SSDs manage wear on flash memory by ensuring no particular location is written too often relative to every other location, which means old data can linger in places from which, with excessive effort, it might be recovered. If you’re concerned at that level, you need a new SSD before traveling, but few people should have that deep a worry.)
Next, use a program like SuperDuper or Carbon Copy Cloner to fully clone your Mac. For extra security, you should first encrypt the drive onto which you’re cloning your Mac, whether you’re making a full-partition clone or cloning to a disk image. See our instructions for managing encryption on an external drive. Warning! Because you’ll be erasing your Mac, you have to make a record of the password you set for your external drive somewhere other than the keychain on your Mac!
Now use Recovery (restart and hold down Command-R) or an external installer (our directions on making one) to erase your startup volume and reinstall macOS. When prompted during setup, enable FileVault, which can take up to a day. Do not link to an Apple ID or to an iCloud account.
Once you’re up and running, install the fewest applications you need, and don’t install any sync or other services.
When you return home, boot into recovery and clone your Mac back to your startup volume.
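The FileVault precondition for the clone-and-erase procedure above can be checked from Terminal before you start. This is an added example, not part of the original article; it assumes the status wording printed by macOS's `fdesetup status`, and the sample outputs are constructed.

```shell
#!/bin/sh
# Added example: hold off on cloning and erasing until FileVault has
# finished encrypting the startup volume.

# Classify the text printed by `fdesetup status` (wording is an assumption).
# Prints one of: ready, in-progress, off, unknown.
filevault_state() {
    case $1 in
        # Checked first: "FileVault is On." is also printed while the
        # initial encryption pass is still running.
        *"Encryption in progress"*|*"Decryption in progress"*) echo in-progress ;;
        *"FileVault is On."*)  echo ready ;;
        *"FileVault is Off."*) echo off ;;
        *) echo unknown ;;
    esac
}

# Exit status 0 only when it is safe to go ahead with the clone and erase.
ready_to_erase() { [ "$(filevault_state "$1")" = ready ]; }

# Constructed sample outputs, modelled on fdesetup's status messages.
SAMPLE_ON='FileVault is On.'
SAMPLE_BUSY='FileVault is On.
Encryption in progress: Percent completed = 42'
SAMPLE_OFF='FileVault is Off.'

# On a Mac, check the live status; elsewhere, walk through the samples.
if command -v fdesetup >/dev/null 2>&1; then
    live=$(fdesetup status)
    echo "FileVault: $(filevault_state "$live")"
    ready_to_erase "$live" || echo "Wait: do not clone or erase yet." >&2
else
    for s in "$SAMPLE_ON" "$SAMPLE_BUSY" "$SAMPLE_OFF"; do
        filevault_state "$s"
    done
fi
```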
Wipe your iOS device
iOS is better designed to back up and restore than a Mac, so it’s somewhat less of a hassle to start over. Apple has excellent directions on using iCloud or iTunes for performing a full backup, at which point you can erase and restore the device. Because Apple has had hardware encryption of stored data for several years, you don’t need to worry about old data being recovered from a newly installed iPhone or iPad, either.
When setting up the device from scratch, don’t connect with your Apple ID or iCloud account.
Cleanse your Mac or iOS device instead of wiping it
The question is what level of exposure you are prepared for if a customs official demands that you unlock your machine. If you have FileVault enabled (see above), which I highly recommend just for general purposes, deleting files or archiving them elsewhere before departing on a trip makes them effectively unrecoverable from your drive, even with significant effort. Without FileVault, your deleted files may be recovered with relative ease by a not-even-that-determined law-enforcement agent.
Warning! Watch for sync: depending on your setup, some of the above might delete entries on all linked devices. Log out of accounts that provide sync in Chrome, iCloud, and so on before attempting these steps.
My suggestions are:
- Delete business and personal documents that aren’t necessary.
- Disconnect from all sync services, like Dropbox and Google Drive.
- Scour your keychain via Keychain Access, removing any passwords you don’t want in use.
- Disconnect from iCloud, which can be an involved affair, but vastly reduces risk.
- Delete contacts and calendar entries or wipe them clean.
- Empty your Safari and other data caches, including cookies, logins, and anything else.
Which passwords and accounts to use with your newly prepped device
Many security experts set up fresh accounts at iCloud, Google, and elsewhere that they use exclusively during a trip, and sometimes delete all the data in those accounts afterwards, and then disable or delete them from the provider and never use them again. If you travel frequently across borders, you might consider how that works for you.
Because having the least amount of information on your Mac or iOS device is the best strategy, you should consider how you manage the passwords you can’t memorize but need to have on hand. You also need to think about the limited services, including email accounts or hosted email, that you need to access.
You may have a lot of innocuous services you use, and you could export the passwords for them to a password vault you store on the device with which you’re traveling. I definitely recommend you don’t sync a full copy of a password vault, even if you plan to refuse to provide access to it.
1Password just announced an interesting option with its subscription service based on the strategy that the company Basecamp recommends for its employees. Called Travel Mode, it removes all vaults except those marked safe for travel. This is better than retaining passwords or other data that’s just locked with a password, as officials could demand that password. At your destination, you can log in securely and disable Travel Mode, and then re-engage before you cross borders again.
Email is another sensitive subject. If you’re concerned about privacy, you don’t want any browser or email client logged into any email account. But if you store an email password among those you bring with you in order to recall it, you might be compromised into providing the vault password, which then allows access to your email.
Instead, whatever you plan to do with email, create a memorable multi-word password using Diceware or other tools and memorize it. Creating a story helps. The very secure passphrase “toad-mouthwash-unicorn” could result in an image of licking a toad, washing your mouth out, and then riding away on a unicorn.
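How a Diceware-style passphrase is built, as an added example that is not part of the original article: each word is picked by unbiased dice rolls from a keyed word list, and the last function gives the entropy for a given list size and word count. The six-word list is constructed so the script runs offline; a real Diceware list has 7776 words keyed by five dice.

```shell
#!/bin/sh
# Added example: Diceware-style passphrase from dice rolls and a keyed word list.

# SAMPLE_LIST is constructed for this example: one die per word, six words.
# A real Diceware list has 7776 entries keyed by five dice (11111..66666).
SAMPLE_LIST='1 toad
2 mouthwash
3 unicorn
4 lantern
5 gravel
6 pickle'

# Roll one fair die from the kernel CSPRNG. Bytes 252..255 are discarded
# (252 = 6 * 42) so that byte % 6 has no modulo bias.
roll_die() {
    while :; do
        byte=$(od -An -N1 -tu1 /dev/urandom | tr -d ' \n')
        if [ "$byte" -lt 252 ]; then
            echo $(( byte % 6 + 1 ))
            return 0
        fi
    done
}

# Number of dice per word = width of the keys in the list.
dice_per_word() { printf '%s\n' "$1" | awk 'NR == 1 { print length($1) }'; }

# Look up the word for an exact dice key such as 3 or 16655.
lookup_word() { printf '%s\n' "$1" | awk -v k="$2" '$1 == k { print $2; exit }'; }

# Build a hyphen-joined passphrase of $2 words from list $1.
passphrase() {
    list=$1 count=$2 phrase=
    width=$(dice_per_word "$list")
    while [ "$count" -gt 0 ]; do
        key= i=0
        while [ "$i" -lt "$width" ]; do key=$key$(roll_die); i=$(( i + 1 )); done
        phrase=${phrase:+$phrase-}$(lookup_word "$list" "$key")
        count=$(( count - 1 ))
    done
    echo "$phrase"
}

# Entropy in bits of $2 words drawn uniformly from a list of $1 entries.
entropy_bits() { awk -v n="$1" -v w="$2" 'BEGIN { printf "%.1f\n", w * log(n) / log(2) }'; }

passphrase "$SAMPLE_LIST" 3
entropy_bits 7776 3   # three words from a full five-dice list
```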
In the end, you’ll have to decide, often without any access to legal counsel and under pressure from people who could make your life miserable or prevent you from entering the country, what details to provide. The less information you carry, the less you can be obliged to hand over, and the more readily you might choose to accede to speed your way.