They certainly need to go much further than they have already, IMHO. However, it is a welcome change that you can use your old password for 72 hours to get into your Apple ID (with the caveat that I'm hoping it works as has been stated).
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Responds to Report About Thieves Spying on iPhone Passcodes to 'Steal Your Entire Digital Life'
- Thread starter MacRumors
- Start date
- Sort by reaction score
Don't use a passcode, use a lengthy passphrase and use TouchID/FaceID most of the time.
Hi, you all know how if you lose your credit card, you can login online to your bank acct and LOCK that card so it can't be used. What if Apple had such a feature. If you lost/misplaced your iphone/pad you could immediately logon to your Applid/ICloud account and LOCK that device (kind of like Find my Phone but a Lock my Phone instead). Apple would then lock changes to you apple account (at the system level so no changes could be made to it) AND send signal to that iphone to disable the lockscreen password for that device as well a forgot my passcode. I know there is a time factor to do that (before they've changed the applid password) so using a hard lock screen password and the screen time passcode would buy you more time to do the Lock the Phone.
I'm sure there are a million reasons why this wouldn't work so let me know. Apple should still fix the basic issues they have but this could be of some help.
I'm sure there are a million reasons why this wouldn't work so let me know. Apple should still fix the basic issues they have but this could be of some help.
They have this through https://www.icloud.com/ The problem is the thieves change the Apple ID password (and passcode) so fast, that people are locked out. They're very methodical.
From the news reports, it happens within minutes. One example of how devious these scumbags are: sometimes they don't even shoulder-surf, they befriend the mark and then make an excuse such as entering their SC or IG user name into the mark's phone. When they hand the phone back, they'll "accidentally" shut the phone off, forcing the mark to enter the passcode upon reboot--diabolical.
Original article (Feb):
A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Life
The passcode that unlocks your phone can give thieves access to your money and data. “It’s like a treasure box.”
www.wsj.com
Follow-up, that "recovery key" is used against owners:
https://www.wsj.com/articles/the-ip...o-lock-you-out-of-your-apple-account-716d350d
Last edited:
Like needing more than a pin code to change the Account password?
There’s no issue to address; this is how passkeys work.
Don’t let anyone find out your device passcode, would be my advice.
I think it’s helpful to inform someone how something works than pedalling false hope.
Just because something works a certain way doesn’t mean it can’t be improved. The perfect example is the you’re holding it wrong iPhone 4.
The attacks are targeted with multiple people following you until they can catch a glimpse at the screen. It's like saying don't let anyone rob you yet robberies still happen. You can be vigilant 99% of the time, all it takes is a couple distracted or tired seconds just once. Other than the users of this forum few of the millions of iPhone users even know how that attack works and that their entire Apple account with all devices can be compromised.
Oh I know how/why it happens, but the solution is for extra vigilance. I witness so many people inputting their device passcode in plain sight so it’s clear some people are just not that bothered about security.
That's like a pro lifer saying don't get raped if you don't want to have a baby. You really don't have a choice sometimes, especially with iOS forcing you to log in with your passcode sometimes, no matter where you are. And you can bet someone can see it if you're in public.
As it is, it's painfully easy to lock someone out of their own account, icloud, and any itunes stuff, with no recourse from apple.
I just use 8-digit passcodes these days. That's relatively short for me as it's a pain to use normal-length passwords without a physical keyboard. My passwords are often 16-20 characters. Fortunately I only have to enter them once or twice a day.
Make sure you move away from other people if you need to input your passcode in public. Try and conceal the screen too.
No one can be 100% vigilant, 100% of the time. We all let our guard down sometimes.
Not necessarily. If you are out in public on your own, no one will be able to see it 😛