LOL...please! Quick solution, add a customer option to Apple ID changes, where an Apple ID PW change requires the old password or a 24 hour wait period if you don't know the old password. Just like they give the customer other options to add additional security. But silly me, I guess Apple isn't big enough to have the resources to quickly respond to security issues.
Like I said, you have no idea what factors they have to consider. Who knows if what you propose is quick or easy or has unintended consequences. Billions of devices across hundreds of countries.
 
Since we can use USB security keys to activate advanced security, they could also let us use them to change the passcode or iCloud ID password.
 
Like I said, you have no idea what factors they have to consider. Who knows if what you propose is quick or easy or has unintended consequences. Billions of devices across hundreds of countries.

That's why I said make it optional. I highly doubt that solution, even a temporary one, would take much effort with Apple's resources. And it would be low risk. This has been a known issue for many months.
 
The only solution is to not use a phone as the center of your digital existence.
That requires discipline, since we’ve become accustomed to having the ability to do our banking and complete our tax returns on the bus ride home from work.
No one will do that, though.
It requires having more than one device and more than one account (I already had two iPhones, iPad, and Mac) and Apple encourages us to use ”One ID for everything Apple” so it feels wrong not to put it all in the one account.
 
With more and more of our digital lives in the cloud and a lot of it in iCloud, I think that losing rightful access to our information is important enough for Apple to invest in a way for someone to be able to prove they are the legitimate account holder and regain access. I had someone steal my iCloud account several years ago now. Slightly different circumstances where they were able to guess or brute force hack into a trusted device, but same result. Apple will do nothing to help the account holder regain access. There are just so many ways that the rightful account holder can prove that they are the original account holder (previous passwords, previous phone numbers, previous trusted devices, etc). But once someone associates a new phone number with the account, changes the password and removes the old "trusted devices", there is literally nothing that someone or apple can do to let you have the account back. I'd pay money to have an apple representative come out, verify my ID or any other verification that they think is reasonable to regain access to my account. And to add insult to injury, I get emails every month or so to the email that is still associated with the account that my iCloud storage is full and would I like to upgrade!
 
All one has to do is turn on Screen Time > Content & Privacy Restrictions > Passcode Changes > Don't Allow. Be sure to use a different passcode for Screen Time.

Oh, and Account Changes (Don't Allow). Thanks for that tip @ypl.


That is good, but it would be better if they simply made it an option whether or not to allow your passcode to reset your Apple ID password. As far as I can tell they force you to do it by making you enter it at setup. They tell you about it but give you no option to decline.

Apple could easily fix this but they seem to be ignoring the problem. I wouldn't be surprised to see them quietly fix it in 17. We all know how much they like admitting mistakes.
 
Does anyone prefer the unlocking pattern they have on Android smartphones?


I don't feel like digging up references but I believe it has been proven to be the least secure method for several reasons. I also seem to remember reading / hearing that Google employees are not allowed to use it on their corporate phones.
 
I think the ultimate solution here is that Apple must make it so that a device/passcode combination cannot be used for the following on their own:

1. Changing Apple ID password.
2. Creating or changing a recovery key.
3. Creating or changing a recovery contact.
4. Creating or changing a trusted phone number.
5. Turning on or updating 2FA.
6. Adding or updating physical security keys.

All of these changes need to be tied to the Apple ID password with additional verification methods in order to change your Apple ID password in case you forget it.
 
I don't feel like digging up references but I believe it has been proven to be the least secure method for several reasons. I also seem to remember reading / hearing that Google employees are not allowed to use it on their corporate phones.
Definitely seems like something a hacker program could crack quickly. You only have a pool of nine instead of ten, and can you even repeat a location, and what's the max? And there are only certain choices following each one. You can only go to 2, 4 or 5 from 1. I used to use it on my GS8+ but don't remember the rules anymore.
 
It's a learning curve and a hassle, but after the first WSJ article, I created a separate Apple ID for my iPhone that leaves the house. Nothing from my primary ID (which now includes my Apple Savings account) is on or connected to my phone, and it's going to stay like that for the foreseeable future.
Yeah, but if you do this and purchase apps, they're tied only to that one Apple ID. Might be fine if you really only use free app downloads or bought ones you'd only ever use with that one iPhone? But I had 2 Apple ID's before; one for my iPhone and one for an iPad. Thought that would be a great way to keep the (mostly music related) iPad apps totally separate. But over time, I sold the iPad and found I didn't really need one anymore. And now I've got all these purchased apps kind of held hostage over on that Apple ID.

A LONG time ago, Apple hinted at eventually allowing people to transfer purchased apps from one Apple ID to another, at least as a one-time process. I really wish that would have happened.
 
STOP USING 4- OR 6-DIGIT PASSCODES ON YOUR DEVICE. USE ALPHANUMERIC PASSWORDS!
ACTIVATE FACE ID! UNLOCK YOUR DEVICE WITH FACE ID! IF FACE ID FAILS, HIDE YOUR DEVICE FROM ANYONE'S VIEW WHEN TYPING THE ALPHANUMERIC PASSWORD IN PUBLIC.

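To put numbers behind the pattern-lock discussion a few posts up and the passcode-length advice just above, here is an added example (not from any post in this thread) that enumerates the valid 3x3 swipe patterns and sets that count beside the key space of numeric PINs and a short alphanumeric passcode. The pattern rules it encodes are my assumption of the commonly documented Android ones: nodes 1 to 9, each node used at most once, 4 to 9 nodes per pattern, and a straight stroke that passes over a not-yet-selected node must select it (it may pass over one already selected).

```python
"""Key-space sizes: Android-style 3x3 swipe patterns vs PINs vs alphanumeric.

Added example, not code from the thread or from Apple/Google. Pattern rules
are assumed (see lead-in); counts are an upper bound on guesses, since real
users pick heavily skewed patterns and PINs.
"""

# Node layout:  1 2 3
#               4 5 6
#               7 8 9
# (a, b) -> node lying on the straight line between a and b.
_SKIP = {}
for a, b, mid in [(1, 3, 2), (4, 6, 5), (7, 9, 8),   # rows
                  (1, 7, 4), (2, 8, 5), (3, 9, 6),   # columns
                  (1, 9, 5), (3, 7, 5)]:             # diagonals
    _SKIP[(a, b)] = mid
    _SKIP[(b, a)] = mid


def is_valid_pattern(seq):
    """True if seq (list of node numbers) obeys the assumed Android rules."""
    if not 4 <= len(seq) <= 9 or len(set(seq)) != len(seq):
        return False
    if any(n not in range(1, 10) for n in seq):
        return False
    visited = set()
    for cur, nxt in zip(seq, seq[1:]):
        visited.add(cur)
        mid = _SKIP.get((cur, nxt))
        if mid is not None and mid not in visited:
            return False  # stroke jumped over an unselected node
    return True


def count_patterns(min_len=4, max_len=9):
    """Count valid patterns by length using depth-first search."""
    counts = {n: 0 for n in range(min_len, max_len + 1)}
    visited = [False] * 10

    def dfs(cur, length):
        if length >= min_len:
            counts[length] += 1
        if length == max_len:
            return
        for nxt in range(1, 10):
            if visited[nxt]:
                continue
            mid = _SKIP.get((cur, nxt))
            if mid is not None and not visited[mid]:
                continue  # would skip an unselected node
            visited[nxt] = True
            dfs(nxt, length + 1)
            visited[nxt] = False

    for start in range(1, 10):
        visited[start] = True
        dfs(start, 1)
        visited[start] = False
    return counts


def key_space_table():
    """Number of possible secrets per method (upper bound, ignores user bias)."""
    pattern_total = sum(count_patterns().values())
    return {
        "4-digit PIN": 10 ** 4,
        "6-digit PIN": 10 ** 6,
        "swipe pattern (4-9 nodes)": pattern_total,
        "8-char alphanumeric (62 symbols)": 62 ** 8,
    }


if __name__ == "__main__":
    for name, size in key_space_table().items():
        print(f"{name:36s} {size:>20,}")
    # 1 -> 3 skips over node 2, which is not yet selected: invalid
    print(is_valid_pattern([1, 3, 2, 6]))   # False
    # 2 -> 1 -> 3 is fine because node 2 is already selected
    print(is_valid_pattern([2, 1, 3, 5]))   # True
```

Running it shows the swipe pattern space (389,112) sits between a 4-digit and a 6-digit PIN, and an 8-character alphanumeric passcode dwarfs all three. The table is only the size of the space; a shoulder-surfer or a smudge on the glass reveals a pattern far more easily than these numbers suggest, which is the practical reason behind the advice above.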
 
This would be less of an issue if iOS didn't randomly fail Face ID and ask for a passcode, often at the least convenient time.

I wish Apple would get this resolved.
Yeah, but at least if an app falls back to asking for a password because Face ID fails? You can just force-quit the app (swipe up part way from the bottom and then swipe it all the way up/off the screen to end it), and re-launch to make it try Face ID again.
 
Why Apple doesn't randomize the numeric keypad for each time you need to use it is beyond me. That would help make it difficult/impossible for an adversary to shoulder-surf you at a club or public place.

But hey, at least we have more emojis, right?
 
Why Apple doesn't randomize the numeric keypad for each time you need to use it is beyond me. That would help make it difficult/impossible for an adversary to shoulder-surf you at a club or public place.
I think the answer is pretty simple. It would dramatically increase the time and frustration to log into your phone.
 
Yeah, but if you do this and purchase apps, they're tied only to that one Apple ID. Might be fine if you really only use free app downloads or bought ones you'd only ever use with that one iPhone? But I had 2 Apple ID's before; one for my iPhone and one for an iPad. Thought that would be a great way to keep the (mostly music related) iPad apps totally separate. But over time, I sold the iPad and found I didn't really need one anymore. And now I've got all these purchased apps kind of held hostage over on that Apple ID.

A LONG time ago, Apple hinted at eventually allowing people to transfer purchased apps from one Apple ID to another, at least as a one-time process. I really wish that would have happened.
My old "iTunes" Apple ID is where all my media purchases and subscriptions are, and it is separate from my "email/iCloud" Apple ID, so it turned out to be good that I could never combine my IDs like I wished I could. I've always had to enter the "iTunes" ID in "Media & Purchases" for my devices, so that didn't change. The secondary ID cannot be changed from Settings using just the passcode (as long as that ID isn't used for an email account on the device), so all is good and I have my apps, subscriptions, books, music, etc. on the iPhone that is otherwise restricted.
 
Why is that setting in Screen Time? That makes no sense. It should be in the Passcode menu.
It's there if you want to keep your kid from changing the device passcode, making account changes, etc.

The article fails to mention that while you can lock the Screen Time settings with a different passcode, you can easily say you forgot your passcode and use your Apple ID to turn it off.
 