Well, they couldn't use that method via the iPhone, as they can't get in the iPhone to see the email anyway. The only other way they "forget my password" would be if they had a computer the guy used and his email client had his email (that he uses to receive apple emails) setup. Then they could send/receive emails from that account. But this requires a computer logged into an account. If he was using FileVault and logged out, forget it.
But why did the FBI change the Apple ID password? That alone won't get them in the phone. Did they think that by changing the apple id password that would change the phone password? Being apple to login to iCloud.com will not let you see anything on your phone that is only on your phone.
Confused...
An email doesn't get sent to your iPhone, it gets sent to your email account. As an example, I can read my emails on my Mac, my iPad, two iPhones, and I can set up a new device to access my email account at any time. Or the FBI could. I can read my emails from multiple places, and so can you with your emails. But first, the email ends up at my ISP. So if they can't read my emails, they can go to my ISP and read my emails there. This guy used his work phone, so the email first went to his employer's email server. If you have a work phone supplied by your employer, most likely the employer has the ability to read all your emails.
And worst case, they could ask Apple to change the criminal's email address on their servers. Apple has stored somewhere "if joe terrorist resets his password, send an email to
joe.terrorist@email.com". And they can change that to "if joe terrorist resets his password, send an email to
secret.agent@fbi.com". So the "change password" email would now be sent to
secret.agent@fbi.com.
The reason why they changed the password was that they couldn't read the terrorists data on iCloud because they didn't know the password. So they did a password reset, changed the password to "FBI" and now they could read his iCloud data. And no, that didn't get them the phone data except for an old backup, and before passwords could be of any use, you must first unlock the phone.
No, Apple does not allow the same password to be used in last year.
I think they do. But it doesn't matter, because nobody knows the old password, so nobody could change it back anyway.
I haven't kept up with this and confused (no surprise). If the county is the owner and changed the pw after the incident, why don't they have the pw now to grant the FBI access?
They have a password that they could use after they unlock the phone. But they can't unlock the phone. They can access the data on iCloud, but on iCloud there is only a several week old backup. And Apple gave them or would have given them that data anyway, so that password change was unnecessary.
Where they messed up: An iPhone makes backups _automatically_ even if it is locked. So Apple's engineers thought they could convince the iPhone to make a new backup (even though it's locked) and they could have picked up the data on iCloud. But the iCloud password was changed. Now the iPhone itself doesn't know the correct password anymore. And they can't change the password back because they don't know the old password. And they can't type in the new password on the iPhone because it is locked.