
marvin_h

macrumors regular
Aug 6, 2015
134
95
This workaround sounds promising -- but doesn't it just use the same spied passcode that thieves used to unlock the phone in the first place?

If only you could set this to be a different passcode than the one used to unlock your phone.

As described in much detail in this hot thread, this would not be of much help if someone obtains our passcode:


Still doesn’t protect access to your passwords on keychain. Even with a workaround of setting up secondary password using screen time to protect making changes to a stolen phone a thief can still get all your passwords from keychain. Apple has serious work to do in this area.
Yeah just about the only app that gets this right is 1Password. It allows biometric locking of itself and most importantly if someone adds a new fingerprint or face to the OS, 1Password locks out biometric authentication until the separate 1Password password is used. This prevents someone who has your passcode from adding their biometrics to the phone and accessing 1Password. (Shockingly, many financial institutions don’t take this step!)
 

Brentley3

macrumors newbie
Oct 13, 2020
2
2
You’d probably also want to do this for the Shortcuts app itself, to prevent someone from disabling the automation.
I don't see the Shortcuts app in the list of applications to be able to apply this same technique to it.
 

Newbie67

macrumors regular
Apr 9, 2015
182
125
Yeah just about the only app that gets this right is 1Password. It allows biometric locking of itself and most importantly if someone adds a new fingerprint or face to the OS, 1Password locks out biometric authentication until the separate 1Password password is used. This prevents someone who has your passcode from adding their biometrics to the phone and accessing 1Password. (Shockingly, many financial institutions don’t take this step!)
I am now understanding the holes in Apple’s security better having read the recent posts in MR. Now, in addition to 2FA, changing trusted number, alphanumeric code, and adding the Screen Time password layer, all vital passwords (including iCloud ironically) will be removed from keychain and stored on a separate encrypted password manager. I don’t see any other way around this.
 

antiprotest

macrumors 601
Apr 19, 2010
4,076
14,409
Completely useless since the Shortcuts app itself cannot be protected like this.
And don't all shortcuts and automations disappear if you delete the shortcuts app?

If someone has snatched your unlocked device or knows how to unlock your device, he can also delete the shortcuts app.

Am I right?

PS: It occurred to me that you can use the screen time passcode to set deleting apps to "don't allow," but then you will need to unlock that every time you try to delete an app yourself.
 

MNGR

Contributor
Sep 17, 2019
305
418
I don’t understand why they have not added a toggle in the FaceID settings yet to enable it for any 3rd party app. Why rely on the developers to implement it? Sometimes I don’t get Apple’s restricted implementations of features.

I guess being able to hide the „hidden“ folder in Photos and lock it was a start
Needs to be on a per app basis
 

ignatius345

macrumors 604
Aug 20, 2015
7,024
11,554
Yeah just about the only app that gets this right is 1Password. It allows biometric locking of itself and most importantly if someone adds a new fingerprint or face to the OS, 1Password locks out biometric authentication until the separate 1Password password is used. This prevents someone who has your passcode from adding their biometrics to the phone and accessing 1Password. (Shockingly, many financial institutions don’t take this step!)
I have iCloud keychain OFF and 1Password ON. I just tried holding my finger over the camera and unlocking my phone with my password. My banking apps try FaceID, and if that fails they want a password -- a password that only 1Password can fill in. So, on that front I feel like I'm protected from PIN jacking.

HOWEVER, my iCloud settings themselves are still totally accessible with that same lock code a thief would have spied to unlock my phone in the first place. Huge security hole, and one I hope Apple addresses. At the very least, changing iCloud settings should require a different passcode than the lock code. And we should have the option of making iCloud setting trigger 2FA authentication -- same as setting up a new phone.
 

scheinderrob

macrumors 6502a
May 6, 2021
690
2,425
This is a cool add-on, I can hide my porn browser now.

On a side note, I need to check out the Shortcuts app, looks like a lot of cool automation there.
 
  • Haha
Reactions: SevLucas

HiFiGuy528

macrumors 68000
Jul 24, 2008
1,874
64
This is great! Easy to follow and works flawlessly. Thank YOU!

Pls. do more of these in the future.
 

JMO1

macrumors regular
Sep 7, 2017
208
320
The shortcut is a mess.
Shortcuts in general are a mess. I imagine an on-device chat bot that could build these would be much better received AND USED by the masses. I personally would like to do more with my iPhone, but the brain damage like the above is why I do not.
 
  • Like
Reactions: centauratlas

darkduke

macrumors newbie
May 11, 2019
14
125
Why should we go through all the steps when an app-based enhanced privacy protection feature should be essential?
 

DaPizzaMan

macrumors 6502a
Jun 14, 2016
544
1,184
Why should we go through all the steps when an app-based enhanced privacy protection feature should be essential?
Because realistically not all apps will add that feature? Hopefully Apple implements it on an OS level.
 

iStorm

macrumors 68000
Sep 18, 2012
1,793
2,217
In principle you should be able to set up an automation that asks the user for a specific input. Haven’t tried this though, and the input would be a plain-text input, not a password input.
I thought the same thing, but it doesn't work after trying it out.
  1. The app is still open in the background while the prompt shows in the foreground.
  2. The user is able to cancel the prompt and continue using the app. It seems that the 'Cancel' button terminates the shortcut. No other action after it runs, so we aren't able to check if it was cancelled or no input.
 
  • Like
Reactions: klasma