iPhone 14/Plus How come people that steal your iPhone ask for your passcode?

[iHorseHead]

Hi,
I've seen videos and screenshots of people getting their iPhones stolen and asking for passcodes, but I forgot my passcode today and restoring it to the factory settings was very easy, which is quite worrisome.
Also, after restoring my phone I remembered my passcode 😅 But it was very easy. What would stop a thief for stealing my iPhone and just reselling it?
And why do people ask for passcodes if you can restore without it.I wish iPhones were more secure.

 

[mrochester]

If find my is turned on then the iPhone becomes a brick once stolen unless the thief also knows or can change your apple account password.

 

[lofiani9901]

I thought the same thing! But isn’t it true that even after a factory reset, the iPhone still asks for your Apple ID when setting it up again? Unless someone also gets that info, it’s useless, right?

 

[benwiggy]

restoring it to the factory settings was very easy, which is quite worrisome.

The main emphasis of security is protecting your data, not your phone. Someone might be able to get the phone working, but they can't access your files, contact, photos, email, etc.

 

[chachima]

Yep, that’s true. A factory reset doesn’t bypass the Apple ID lock. Unless the thief also knows your Apple ID and password, the phone is basically useless.

 

[JimKas]

All of this is why you should not use "1234" as a passcode. I use both letters and numbers, and also the password to your Apple account should also be complex (not easily guessed). Yeah, the device can still be stolen, but as was said above, your data is better protected.

 

[CharlesShaw]

All of this is why you should not use "1234" as a passcode.

And turn on Stolen Device Protection so a certain kind of thief can't use your forcefully-obtained passcode to take control of your Apple Account and lock you out of your ID and your other devices that have Find My turned on.

About Stolen Device Protection for iPhone - Apple Support

Stolen Device Protection adds a layer of security when your iPhone is away from familiar locations, such as home or work.

support.apple.com

 

[BugeyeSTI]

If your iPhone is activation locked, it won't matter if the thief restores the phone. They won't make it past the setup procedure so the passcode isn't relevant anymore.

 

[JonaM]

Hi,
I've seen videos and screenshots of people getting their iPhones stolen and asking for passcodes, but I forgot my passcode today and restoring it to the factory settings was very easy, which is quite worrisome.
Also, after restoring my phone I remembered my passcode 😅 But it was very easy. What would stop a thief for stealing my iPhone and just reselling it?
And why do people ask for passcodes if you can restore without it.I wish iPhones were more secure.

If you were able to restore your iPhone without inputting your passcode or your AppleID username/password then you have disabled the default protection of Activation Lock through FindMyiPhone.
Check if you have FindMy and Stolen Device Protection active in settings, as without that you have lost quite a bit of the security

 

[russell_314]

If your iPhone is activation locked, it won't matter if the thief restores the phone. They won't make it past the setup procedure so the passcode isn't relevant anymore.

With your passcode they can reset your password on your Apple account. With your Apple account username and password they can turn off activation lock while downloading all your personal data and other saved passwords.

 

[russell_314]

That’s what you can do with the passcode. Unless your life is in danger don’t let someone have it.

 

[elvisimprsntr]

If a thief knows the passcode, they can open the password app to retrieve the Apple ID and password. At that point they can also reset the passcode and biometric settings, and have access you any linked credit cards and data.

 

[russell_314]

If a thief knows the passcode, they can open the password app to retrieve the Apple ID and password. At that point they can also reset the passcode and biometric settings, and have access you any linked credit cards and data.

Turning on stolen device protection mitigates this. By default even if you turn it on, it’s only active when you’re away from “familiar locations”. This is a big security flaw because if your phone gets stolen at work or home, they could just simply turn off stolen device protection right there since it’s a familiar location. You have to set it to all locations. This also means when you’re about to turn in your phone for repair or trade-in, you have to plan ahead and turn it off.

 

[BugeyeSTI]

With your passcode they can reset your password on your Apple account. With your Apple account username and password they can turn off activation lock while downloading all your personal data and other saved passwords.

From the way I understand the OP, he never said the thief had the passcode, only asked for it. If he doesn't have the passcode I don't see how he can disable anything. If they're asking or threatening you during a robbery I guess it's up to the person how important the phone and data is to them. In my state, they support stand your ground, castle doctrine and constitutional carry. The thief could find themselves in the morgue very easily. Not the first time someone lost their life committing a crime

 

[russell_314]

From the way I understand the OP, he never said the thief had the passcode, only asked for it. If he doesn't have the passcode I don't see how he can disable anything. If they're asking or threatening you during a robbery I guess it's up to the person how important the phone and data is to them. In my state, they support stand your ground, castle doctrine and constitutional carry. The thief could find themselves in the morgue very easily. Not the first time someone lost their life committing a crime

From my understanding the latest tactic is thieves shoulder surf you entering your password then when you’re not paying attention grab your phone and run. Not much you can do in that scenario once you put yourself in the situation. Turning on stolen device protection does seem to help

 

[BugeyeSTI]

From my understanding the latest tactic is thieves shoulder surf you entering your password then when you’re not paying attention grab your phone and run. Not much you can do in that scenario once you put yourself in the situation. Turning on stolen device protection does seem to help

I suppose the safest bet in the situation you described is to only unlock your device with FaceID or TouchID in bars or crowded/public places. If it doesn't unlock and asks for your passcode, you should be extra careful by checking your immediate surroundings to see if someone has unusual interest in what your doing. Having an Apple Watch is very helpful in this situation by being able to unlock your phone with the watch without needing the passcode..

 

[TheDailyApple]

If a thief knows the passcode, they can open the password app to retrieve the Apple ID and password. At that point they can also reset the passcode and biometric settings, and have access you any linked credit cards and data.

I hope everyone understands that it is absolutely idiotic to store your Apple ID credentials in the Apple passwords app. That's like storing your safe's code on a sticky note inside the safe. The login credentials to your password manager (which is your Apple ID if you use the password app) should always be one of the few passwords memorized and, if further backup is needed, written down in a safe physical location.

Device passcodes and Face/Touch ID can be used to access passwords on a device that has been authenticated, but your Apple ID and password are the real credentials.

 

[CharlesShaw]

If find my is turned on then the iPhone becomes a brick once stolen unless the thief also knows or can change your apple account password.

Find My is a double edged sword, so I only use it on devices that leave the house --insurance against bricking ALL of my devices if I permanently lost access to my Apple ID.

 

[iHorseHead]

If a thief knows the passcode, they can open the password app to retrieve the Apple ID and password. At that point they can also reset the passcode and biometric settings, and have access you any linked credit cards and data.

Is there any way around it besides creating a new passcode for ScreenTime?

 

[Jackbequickly]

I suppose the safest bet in the situation you described is to only unlock your device with FaceID or TouchID in bars or crowded/public places. If it doesn't unlock and asks for your passcode, you should be extra careful by checking your immediate surroundings to see if someone has unusual interest in what your doing. Having an Apple Watch is very helpful in this situation by being able to unlock your phone with the watch without needing the passcode..

This!
Using FaceID will stop anyone from seeing you enter your passcode over your shoulder.

 

[iHorseHead]

This!
Using FaceID will stop anyone from seeing you enter your passcode over your shoulder.

It asked for my passcode, which I had forgotten and then I simply restored my phone to factory settings. It was too easy, which made me worried.

 

[Jackbequickly]

It asked for my passcode, which I had forgotten and then I simply restored my phone to factory settings. It was too easy, which made me worried.

As long as you know your Apple ID and password you can do that.

 

[russell_314]

I suppose the safest bet in the situation you described is to only unlock your device with FaceID or TouchID in bars or crowded/public places. If it doesn't unlock and asks for your passcode, you should be extra careful by checking your immediate surroundings to see if someone has unusual interest in what your doing. Having an Apple Watch is very helpful in this situation by being able to unlock your phone with the watch without needing the passcode..

I know some people that don’t use Face ID because they feel it’s a privacy issue. They are putting themselves in additional risk though. You can use a password instead of a passcode and in theory that would be harder to read over your shoulder. I don’t do this because I don’t feel it’s necessary. I keep stolen device protection on. I feel that’s minimal security.

 

[BugeyeSTI]

I know some people that don’t use Face ID because they feel it’s a privacy issue. They are putting themselves in additional risk though. You can use a password instead of a passcode and in theory that would be harder to read over your shoulder. I don’t do this because I don’t feel it’s necessary. I keep stolen device protection on. I feel that’s minimal security.

I have SDP on and I also set Screen Time up (with a different passcode) to block access to account and FaceID/TouchID changes. Not sure if it will help but it's another hoop a thief would have to jump through..

 

[TechnoMonk]

Only thing I care about is, did the thief ask my pass code nicely with a pretty please.