It's not about thieves. It's about those situations when you pass your phone to someone who you trust, but not enough to look at your very private photo album, for example.
Use guided access. Triple click the side button and give your phone to whoever.
Giving your unlocked phone to someone is a no-no. If your kids want to play video games, give them their own device for that purpose. If someone needs to make a call, dial the number for them and put the phone on speaker for them.
Use guided access. Triple click the side button and give your phone to whoever.
Face ID can be disabled by a thief who knows the PIN to unlock the phone. That's how thieves are getting around folks who are careless with their PIN in public.
Use a proper passcode.
Don’t have time to do all that fiddling. I just wouldn’t give my phone to someone for them to use.
It’s extremely easy to set up and use. No fiddling required.
So, by "carefree" you mean using the phone according to the way it's designed to work? These "carefree" victims unlocked their phones in a public place using their PIN because FaceID failed, not realizing someone was stalking them. You talk like they're leaving their phones unlocked and walking away from them.

Sure, maybe we all are a little more on guard now, but it's exhausting and unnecessary to have to act like James goddamn Bond when you're just trying to send a text or whatever -- especially when there should be better security safeguards built into the ****-ing phone in the first place.
Just use a proper passcode. It’s not hard. It really is your own fault if it’s that easy to get into your phone. There’s only a certain amount that can be done for you. The rest is up to you to implement if you’re worried.
There is nothing ‘James Bond’ about keeping all your secrets safe. Just make a good password like you do with everything. And if you don’t bother with this basic security method then it’s all on you.
 
That's the problem. The unlock pin for the screen should NOT be the same as the code to change biometrics.
Or just don’t expose your pin. People are gonna forget a separate pin to disable biometrics, if they don’t use it. You can’t work on the premise I am gonna give my car keys, house keys, and passcode to a thief and build security.
 
I've got my Pixel set up like this so even if thieves have the phone code they cannot get into many apps.
That's fantastic. Any pointers to how to do this? Maybe my solution will be to use a Pixel until Apple fixes this.
 
Or just don’t expose your pin. People are gonna forget a separate pin to disable biometrics, if they don’t use it. You can’t work on the premise I am gonna give my car keys, house keys, and passcode to a thief and build security.
You have a solution right there.

Currently, Apple uses one key for the car, house, bank account, email, screen unlock, etc. We wouldn't use the same password for all our websites. We wouldn't use the same key for all our IRL security needs. Yet Apple does precisely that on the iPhone. They should at least give users more choices to lock things down.

If they would allow different keys for those things, that would help a lot.

Bonus points if they can make it possible for the user to choose to make some of them ONLY work with biometrics or something like a FIDO physical key. That would basically solve this attack vector for those that want to close it down.
 
You have a solution right there.

Currently, Apple uses one key for the car, house, bank account, email, screen unlock, etc. We wouldn't use the same password for all our websites. We wouldn't use the same key for all our IRL security needs. Yet Apple does precisely that on the iPhone. They should at least give users more choices to lock things down.

If they would allow different keys for those things, that would help a lot.

Bonus points if they can make it possible for the user to choose to make some of them ONLY work with biometrics or something like a FIDO physical key. That would basically solve this attack vector for those that want to close it down.
People barely remember one PIN; you think they will remember many? Most will just use one PIN for everything. I have a simple solution: don’t be careless with your PIN. If someone doesn’t care to guard one PIN, what’s the guarantee they won’t expose other PINs? Good luck remembering and safeguarding 20 different PINs. Lol. I won’t be surprised if folks start storing them in one app/vault with all PINs. Thieves will just get into the vault and take what they want.
I am all for Apple giving options for those who don’t bother to use biometrics or safeguard their PIN. Don’t shove the design onto others.
 
This has got to be the most convoluted implementation possible

Nobody even remotely "normal" would ever even think to try this, or even bother once shown instructions.

Jesus
What happened to Apple?
 
This has got to be the most convoluted implementation possible

Nobody even remotely "normal" would ever even think to try this, or even bother once shown instructions.

Jesus
What happened to Apple?
Automations are useful. You should learn about them.
 
oh waw!!!! so easy and userfriendly.

Ffs.. without a how-to not a single user will ever figure this out.
Yes, exactly, this is very cumbersome and adds needless complexity to a very useful function. For example, locking banking and financial apps behind biometrics is extremely helpful for keeping prying eyes and fingers out of sensitive business activities.

Apple is aware that people are doing this, so they should add an EASY option to the Settings app so that people do not have to go through 10 different steps to activate it.
 
People barely remember one PIN; you think they will remember many? Most will just use one PIN for everything. I have a simple solution: don’t be careless with your PIN. If someone doesn’t care to guard one PIN, what’s the guarantee they won’t expose other PINs? Good luck remembering and safeguarding 20 different PINs. Lol. I won’t be surprised if folks start storing them in one app/vault with all PINs. Thieves will just get into the vault and take what they want.
I am all for Apple giving options for those who don’t bother to use biometrics or safeguard their PIN. Don’t shove the design onto others.
Yeah, I agree! That's the point. Apple only allows a single PIN for everything on the iPhone; the same PIN that is used for the lock screen also allows payments, emails, unlocking smart locks, getting into the keychain and unlocking everything else.

Sure would be nice if they didn't force users to put all the honey into one pot. People could still be dumb and use the same pin for everything. But at least users would have the option to be smarter.
 
Yeah, I agree! That's the point. Apple only allows a single PIN for everything on the iPhone; the same PIN that is used for the lock screen also allows payments, emails, unlocking smart locks, getting into the keychain and unlocking everything else.

Sure would be nice if they didn't force users to put all the honey into one pot. People could still be dumb and use the same pin for everything. But at least users would have the option to be smarter.
If you use a nice alphanumeric passcode and then Face ID for everything then I think you’re pretty set up, to be honest. The ability of people to look over your shoulder to steal your PIN is greatly reduced when it’s not just numbers!
I wish more apps would allow you to use a different code rather than the phone's code if Face ID failed, though.

Over a different-PINs approach I would prefer a dummy-account type of idea. So from identical Lock Screens you can use two different passcodes. One is your phone proper and the other is a profile where you only allow certain apps, or even better particular parts of certain apps, or even totally new instances of certain apps (the choice could be yours). Perhaps a totally separate, private-browsing-only, cookie-controlled Safari instance, WhatsApp or Signal but only certain contacts' messages, etc.

I’m not sure how Face ID would work in this case; perhaps you could have a toggle which chooses which profile it unlocks, although once in either profile it should work across apps etc. regardless of the toggle.
 
I wish more apps would allow you to use a different code rather than the phone's code if Face ID failed, though.

Yeah, I agree. This would be so simple and so effective. It could be optional and it could have additional layers if one wanted (such as all Face ID is disabled if a new face is added) until some additional step is completed, like using a YubiKey or some other authentication that doesn't rely on the lock code nor on anything stored on the phone itself.

If you use a nice alphanumeric passcode and then Face ID for everything then I think you’re pretty set up, to be honest. The ability of people to look over your shoulder to steal your PIN is greatly reduced when it’s not just numbers

I get what you are saying, but in some of the cases reported it's not as simple as someone literally grokking the code in real time as entered, but using a camera to record it -- which could be slowed down and re-watched a hundred times until they figure it out. So ultimately the lock screen passcode may get stolen. What we need is a second line of defense where the lock screen passcode isn't required by Apple to be the same code as what unlocks the keychain, payment apps, email, phone calls, SMS, etc., like it is now.
 
That's the problem. The unlock pin for the screen should NOT be the same as the code to change biometrics.
What you can do is set a Screen Time passcode that's different to your device PIN. Then in Screen Time > Content & Privacy Restrictions, toggle "Passcode Changes" and "Account Changes" to Don't Allow. That way, if someone has your device PIN, they can't change your passcode/Face ID/disable Find My if they don't have your second Screen Time passcode.
 
What you can do is set a Screen Time passcode that's different to your device PIN. Then in Screen Time > Content & Privacy Restrictions, toggle "Passcode Changes" and "Account Changes" to Don't Allow. That way, if someone has your device PIN, they can't change your passcode/Face ID/disable Find My if they don't have your second Screen Time passcode.
Except the Screen Time passcode can be changed with the device passcode by using the "Forgot..." option.
 
OK, thanks, I didn't know that. I thought it was only the Apple ID + password that could!
I double checked and yes, the passcode seems to work here too:

  1. Go to Settings / Screen Time
  2. Tap "Change Screen Time Passcode"
  3. Tap "Turn Off Screen Time Passcode"
  4. Under "Turn Off Passcode" choose "Forgot Passcode?"
  5. Enter Apple ID under "Screen Time Passcode Recovery" (Apple ID address is available to anyone with access to the phone)
  6. Instead of entering password, choose "Forgot Apple ID or Password?"
  7. Enter iPhone passcode to reset Apple ID password
I didn't check what happens next because I don't want to change the password at this time. I've disallowed "Account changes" under Screen Time's "Content & Privacy Restrictions", but it doesn't seem to block this flow.

Also, I've noticed that backing out of the "Forgot Passcode?" flow twice removes the option from the "Turn Off Passcode" screen for a period of time (24 hours, maybe?). In theory (and unless it's a bug) you could do this before a night out to make it impossible to get around the Screen Time passcode in case your phone gets stolen. It would give you a bit more time to report the phone as stolen.

Edit:
Never mind, it looks like the missing "Forgot Passcode?" option is a bug of some kind. The last time I ran into it I got it back the next day, but now the option re-appeared just minutes later.
 
I’m currently using this method, but it’s cumbersome and counterintuitive. I have nine apps locked, so if I let someone use my phone, they’re going to be constantly triggering the Lock Screen - forcing me to unlock it for them, which is not worth the bother. Having a simple toggle switch to lock apps individually with a passcode should be a no-brainer for a company that purports to be all about the privacy of its users. Apple talks the talk but sits out the walk.
 


In the interests of enhanced privacy, some third-party iOS apps include an option to require passcode or Face ID authentication before they can be opened, even though the iPhone is already unlocked. This puts the app's contents behind an additional layer of security, but not all apps offer the same facility.

Until recently, Apple did not offer a way to individually lock sensitive apps like Photos, and iPhone users had to resort to Screen Time's App Limits as a workaround. Fortunately, however, that's no longer the case, because you can now create an additional security barrier for any app on your iPhone using a shortcut action new to iOS 16.4.

Apple has added several new actions to the Shortcuts app, and the one that interests us here is Lock Screen. The Lock Screen action essentially allows you to set up a personal automation that automatically locks your iPhone when a specified app is opened.

Of course, this action should pose no access issues for you as the iPhone owner, but it does mean that anyone else trying to open the app first needs to pass facial authentication or enter your passcode even though your iPhone was unlocked when they tapped the app icon.

The following steps guide you through the process of setting up a personal automation that will instantly lock your iPhone when the app of your choosing is opened.
  1. Launch the Shortcuts app on your iPhone.
  2. Tap the Automation tab at the bottom of the screen.
  3. Tap the + button in the top-right corner, then tap Create Personal Automation. Scroll down and tap App.
  4. Make sure Is Opened is ticked on the next screen, then tap Choose. Select an app from the list, then tap Done.
  5. Tap Next, then tap the blue Add Action button on the next screen. Start typing "Lock Screen" into the text field and select Lock Screen when it appears in the results below, then tap Next.
  6. Toggle off the switch next to Ask Before Running. Tap Don't Ask in the pop-up prompt, then tap Done.
Your personal automation is now complete and should automatically spring into action the next time you open the chosen app. Note that the same Lock Screen action can also be found in macOS 13.3, but bear in mind that there may be other ways to access the contents of a Mac app without launching it.

Article Link: How to Lock Specific iPhone Apps Behind Face ID or Your Passcode
The fact that you cannot lock access to this automation makes it useless - so easy to disable. Apple is losing its reputation for security bit by bit. Clearly just added as an afterthought.
 
Apple is losing ground on the security front. This is full of holes. I.e. Disable automation -> run app
 
This is crazy. Might as well not have an Apple ID that is separate from the phone passcode at all.
It isn’t. Your device passcode becomes the password for your Apple ID when you add the Apple ID to your device. It’s called a passkey.
 