I guess because there is no ecosystem in Android to speak of. I want you to try an experiment. Set a Screen Time password, lock out password changes, etc., log in and pretend you don’t know the device password. How much damage can you do?

At any rate this is still user education to mitigate a lot of this.

Android is far more decentralized.
Password is a whole different aspect.
Looking at Screentime as a short term work-around. Seeing if it can be gotten past.

Update: it appears you can get my Screen Time if you have the device passcode and it isn’t set up via Family Sharing.
 
Unfortunately we already heard Apple's unconcerned response.
We only heard the PR department's boilerplate response.

I'm pretty confident the WSJ article was noticed at Apple in the right departments. But Apple being Apple, they would never acknowledge this publicly.
 
Looking at Screentime as a short term work-around. Seeing if it can be gotten past.

Unfortunately Screen Time has the same flaw where there is a way to bypass it by the device passcode. See my post #300 in this thread.
 
We only heard the PR department's boilerplate response.

I'm pretty confident the WSJ article was noticed at Apple in the right departments. But Apple being Apple, they would never acknowledge this publicly.
I opened an Apple security ticket detailing the issue and they closed it by saying they don't see an issue.
 
You heard what you wanted to hear. I’m sure Apple is concerned and thinking about how to balance security and usability without disenfranchising those who don’t need bank vault security.
If they were concerned, they would have at least kept my ticket open or said they are investigating. By closing it as a non-issue and the way they responded to the WSJ, they are disenfranchising their security-conscious customers.
 
If they were concerned, they would have at least kept my ticket open or said they are investigating. By closing it as a non-issue and the way they responded to the WSJ, they are disenfranchising their security-conscious customers.
Incorrect. The software is working as intended. Their security-conscious customers already knew of this and took steps to mitigate it before the article came out.

Now that it’s a known thing that the device passcode can be phished through social engineering, people can be more situationally aware.
 
I opened Passwords and started on the financial apps. In under 10 minutes I could bleed everything dry.

How does that work?

I understand how a bad guy could steal my phone and use my passcode to unlock it. And they would also have access to my AppleID and the passwords to my bank or whatever.

But... how does the money actually go from my account to their account?

Wouldn't that be able to be tracked? Or are we assuming they have anonymous off-shore bank accounts?

I'm not downplaying the risks here. This thread has definitely got my attention.

I just want to know the actual process for a bad guy to remove money from my checking account and put that money into their account.

We have a similar risk if someone steals your ATM card and knows your PIN... but there is a daily-limit to what they can actually withdraw from the account. I'd cancel the card shortly after so they can't do it again.
 
Incorrect. The software is working as intended. Their security-conscious customers already knew of this and took steps to mitigate it before the article came out.

Now that it’s a known thing that the device passcode can be phished through social engineering, people can be more situationally aware.
Yes, I know how you like debating in circles and always having the last word...lol! Times have changed and the security model needs to change.
 
"One can protect against this with Screen Time ;)

Set Screen Time on, protected by a separate PIN. Disallow account changes and passcode changes. Done!"

Henrik,
It's still possible to remove devices from your account by going to Settings > Privacy & Security > Safety Check, then going to the Sharing & Access setup. When you reach Step 3 you can remove all devices associated with your Apple ID (except for the iPhone you're using).
Gotcha, thanks for pointing that out, thought I had figured out a way to protect against this.

I guess for now a more complex passcode helps a bit. Even so the attacker could always use violence to get the passcode, so some better protection should be provided by Apple.
 
How does that work?

I understand how a bad guy could steal my phone and use my passcode to unlock it. And they could also have access to my AppleID and the passwords to my bank or whatever.

But... how does the money actually go from my account to their account?

Wouldn't that be able to be tracked? Or are we assuming they have anonymous off-shore bank accounts?

I'm not downplaying the risks here. This thread has definitely got my attention.

I just want to know the actual process for a bad guy to remove money from my checking account and put that money into their account.
If your app has Zelle or some other Cash Transfer. But I would think it would be traceable where the $$$ went. And hopefully there is some low limit for new recipients.
 
Why would they want the passkeys?
To log into whatever service you had created the passkey for. Passkeys are not that common (yet), but for instance, some email services now permit passkeys, so you could theoretically log into the email accounts associated with the passkey. Another user on here already commented that my understanding of passkeys is incorrect, and that passkeys are not made with any "FaceID data" -- a claim that surprises me, but I don't know any better....
 
Passkeys are not created with data from FaceID. Once someone has the passcode they can use the passkey to log-in to the service for which they have been created.
If you will allow me to poke a little more, whenever I use a passkey, it "authenticates" me in the same way that FaceID does. I am wondering, if the FaceID data is not associated with the passkey, what part of the process does FaceID affect? Surely, assuming no thief scenario, if I showed my phone to someone else's face while attempting to log into an account with a passkey, the login would fail because the passkey would fail because it is not my face. Not trying to push back on your answer, I am just not understanding what part "FaceID" plays in the passkey process if it is not tied to the passkey data.
 
Saw the article yesterday and read through all 24 pages of this thread today.

One thing stands out to me: Apple devices have passcode authentication and biometric security, but it never seems to use both.

If one needed to provide the passcode, AND THEN pass the Touch/Face ID authentication in order to change the password, that would alleviate a lot of the security concern here (under duress notwithstanding).
 
How does that work?

I understand how a bad guy could steal my phone and use my passcode to unlock it. And they would also have access to my AppleID and the passwords to my bank or whatever.

But... how does the money actually go from my account to their account?

Wouldn't that be able to be tracked? Or are we assuming they have anonymous off-shore bank accounts?

I'm not downplaying the risks here. This thread has definitely got my attention.

I just want to know the actual process for a bad guy to remove money from my checking account and put that money into their account.

We have a similar risk if someone steals your ATM card and knows your PIN... but there is a daily-limit to what they can actually withdraw from the account. I'd cancel the card shortly after so they can't do it again.

Don’t have an answer for you. My first thought was off-shore transfers. I’m sure there are other methods.
 
To log into whatever service you had created the passkey for. Passkeys are not that common (yet), but for instance, some email services now permit passkeys, so you could theoretically log into the email accounts associated with the passkey. Another user on here already commented that my understanding of passkeys is incorrect, and that passkeys are not made with any "FaceID data" -- a claim that surprises me, but I don't know any better....

I understand what they are for. Rather, I was thinking why a thief who is looking to drain accounts would want to mess with passkeys. I suppose if they have the time it would be doable.

Thx
 
You just have to be careful when using your iPhone outside in public.
Apple needs to consider bringing back Touch-ID. Two Factor Authentication: Touch ID + Face ID simultaneously
None of that matters if the thief also knows your passcode. Having to use TouchID and FaceID at the same time doesn't change anything when you can still get into an iPhone with just the passcode.
 
Don’t have an answer for you. My first thought was off-shore transfers. I’m sure there are other methods.

Thanks for the reply!

Another comment mentioned apps like Venmo and Zelle... but those should be trackable since they are tied to a bank account. I'm not sure it would be a great idea to try to empty someone's bank account using those apps.

But I dunno.
 
So reading through all 603 posts, here's what I've gathered (I may have messed some up, not sure):

01) In order to change your iCloud password you should have to enter in the old/current password AND the device unlock passcode. Ideally, an iCloud passcode change would require: Face ID or Touch ID, current iCloud passcode, and device passcode.
02) All account critical settings on iOS and macOS should (optionally) be able to be locked behind an at least 6 digit passcode with the option to be alphanumeric and CANNOT also be the same as any currently used passcode like iCloud or device unlock. Adding Face ID and Touch ID authentication should be an option here as well.
03) There should be an option to toggle on a 24hr waiting period for an iCloud password reset to take effect.
04) Important apps like banking apps, stock market apps, email or whatever app (or folder) the user chooses, should have the option to be locked behind a passcode which must be entered before they launch. These apps and folder self-lock when the phone locks.
05) Once Advanced Data Protection is on, changing the Recovery Key or turning the Recovery Key off should require the device unlock passcode AND the iCloud passcode and probably Face ID or Touch ID as well. It should also have a 24 hr waiting period as a user-settable option.
06) Screen time passcode should not be able to be added, removed, or changed without iCloud passcode AND device passcode and probably Face ID or Touch ID as well.
07) If FaceID fails for Passwords (in settings), require iCloud passcode AND Device passcode to unlock. Maybe have it always require some passcode.
08) Removing devices from your account through Safety Check should require iCloud passcode and device passcode and probably Face ID or Touch ID as well.
09) Apple could make a “duress” passcode an option, (or button presses) where when it’s used it locks down the phone or erases it (options set by the phone’s owner) or turns on Lockdown Mode.
10) FaceID and Touch ID should not be able to be altered without iCloud Passcode and Device Passcode.
11)


One option discussed is (until Apple fixes its security holes, which is a simple fix) to create a kind of “Mobile” Apple ID account that is not the main account but one that has things shared with it, like Calendar, and a limited amount of information in things that cannot be shared.

Also, maybe a quick way to enable Lockdown Mode.
 