One could (for quite a while now) setup a screen time restriction and a secondary passcode to lock out passcode or account changes.

I have had this on devices for quite some time now.
I tried that, then I had an idea.
I went to iCloud.com
passcode to enter saved password.
2 more steps and I was changing the password from the website. Screen Time restrictions did nothing to prevent it from being done on the website. So I removed it as it caused a bunch of other complexities too.
 


The first iOS 17.3 beta rolling out to developers today includes a new "Stolen Device Protection" feature that is designed to add an additional layer of security in the event someone has stolen your iPhone and also obtained the device's passcode.


Earlier this year, The Wall Street Journal's Joanna Stern and Nicole Nguyen reported about instances of thieves spying on a victim's iPhone passcode before stealing the device, often in public places like bars. The thief can then reset the victim's Apple ID password, turn off Find My, view passwords stored in iCloud Keychain for banking and email accounts, and more. All in all, the report said thieves can essentially "steal your entire digital life."

When Stolen Device Protection is turned on, Face ID or Touch ID authentication is required for additional actions, including viewing passwords or passkeys stored in iCloud Keychain, applying for a new Apple Card, turning off Lost Mode, erasing all content and settings, using payment methods saved in Safari, and more. No passcode fallback is available in the event that the user is unable to complete Face ID or Touch ID authentication.

For especially sensitive actions, including changing the password of the Apple ID account associated with the iPhone, the feature adds a security delay on top of biometric authentication. In these cases, the user must authenticate with Face ID or Touch ID, wait one hour, and authenticate with Face ID or Touch ID again. However, Apple said there will be no delay when the iPhone is in familiar locations, such as at home or work.

The opt-in feature can be found in the Settings app under Face ID & Passcode → Stolen Device Protection. iPhone users who update to the iOS 17.3 beta will be prompted with the option to test a preview of the feature following installation, but Apple said this screen will not be shown to users who install the public version of iOS 17.3 coming later.

Actions that will require Face ID or Touch ID authentication when the feature is turned on:
  • Viewing/using passwords or passkeys saved in iCloud Keychain
  • Applying for a new Apple Card
  • Viewing an Apple Card virtual card
  • Turning off Lost Mode
  • Erasing all content and settings
  • Taking certain Apple Cash and Savings actions in Wallet
  • Using payment methods saved in Safari
  • Using your iPhone to set up a new device
Actions that will require Face ID or Touch ID authentication and have a one-hour security delay when the feature is turned on:
  • Changing your Apple ID password
  • Updating select Apple ID account security settings, including adding or removing a trusted device, trusted phone number, Recovery Key, or Recovery Contact
  • Changing your iPhone passcode
  • Adding or removing Face ID or Touch ID
  • Turning off Find My
  • Turning off Stolen Device Protection
Apple said it plans to share additional documentation about Stolen Device Protection over time to clarify how the feature works. The option will be available on all iPhone models that are compatible with iOS 17, including the iPhone XS and newer. iOS 17.3 will likely be released to the public in January or February.

Article Link: iOS 17.3 Beta Adds New Stolen Device Protection Feature to iPhone
When I tested it, I did a Settings, General, Transfer or Reset iPhone, Reset, Reset All Settings to try to fix another bug. After Reset All Settings I found there was no passcode or Face ID. Turn Wi-Fi or cellular back on and a thief can add a new passcode and Face ID which can then be used to turn off the new protection. That then opens the phone for resetting AppleID password using passcode which is the current security hole that Apple introduced a couple of years ago.
Reset all settings needs to be added to the protected action list IMO.
Someone else please test it, get your partner to play the “thief that knows your passcode.” Backup first!
 
When I tested it, I did a Settings, General, Transfer or Reset iPhone, Reset, Reset All Settings to try to fix another bug. After Reset All Settings I found there was no passcode or Face ID. Turn Wi-Fi or cellular back on and a thief can add a new passcode and Face ID which can then be used to turn off the new protection. That then opens the phone for resetting AppleID password using passcode which is the current security hole that Apple introduced a couple of years ago.
Reset all settings needs to be added to the protected action list IMO.
Someone else please test it, get your partner to play the “thief that knows your passcode.” Backup first!

I’m assuming you reported that to Apple in the feedback app?

A simple solution is for Apple to add “reset all settings” to the protection list.
 
A simple solution is for Apple to add “reset all settings” to the protection list.
Also for the last year or so I have had Screen time locked with a different passcode with account and passcode changes disallowed. That also stops reset all settings and has served to block the passcode thieves up until they fix this.
 
I tried that, then I had an idea.
I went to iCloud.com
passcode to enter saved password.
2 more steps and I was changing the password from the website. Screen Time restrictions did nothing to prevent it from being done on the website. So I removed it as it caused a bunch of other complexities too.
Do you have your AppleID Password saved in your Keychain too? I absolutely do not have my AppleID password in my Keychain. That is a terrible practice and idea.

Only way this works that way is if the person a) knows your AppleID Password, or b) you make the mistake of saving your AppleID password in your keychain.

You have to know the old AppleID password in order to change it.
 
I tried that, then I had an idea.
I went to iCloud.com
passcode to enter saved password.
2 more steps and I was changing the password from the website. Screen Time restrictions did nothing to prevent it from being done on the website. So I removed it as it caused a bunch of other complexities too.
I could get into icloud.com and more importantly appleid.apple.com with my thumb over the Face ID camera using iPhone passcode (after 3 failed Face ID attempts) but could not change password without knowing old password. What two steps were the ones you made?
 
I could get into icloud.com and more importantly appleid.apple.com with my thumb over the Face ID camera using iPhone passcode (after 3 failed Face ID attempts) but could not change password without knowing old password. What two steps were the ones you made?
I believe they have / had their AppleID password saved in their Keychain.
 
Just curious...stolen device protection is designed to kick in when you are "away from your familiar locations" - were your tests done Away from your familiar location?
Not quite, the protection requiring biometrics to do certain security changes is turned on by the user and is “always-on”.
The “away from familiar locations” aspect also adds a 1-hour delay even with biometric confirmation.

The current bug in beta 1 is that for me and some other testers the darned thing does not recognise my home so I have to wait an hour to turn it off or change my passcode even on my sofa!
 
Not quite, the protection requiring biometrics to do certain security changes is turned on by the user and is “always-on”.
The “away from familiar locations” aspect also adds a 1-hour delay even with biometric confirmation.

The current bug in beta 1 is that for me and some other testers the darned thing does not recognise my home so I have to wait an hour to turn it off or change my passcode even on my sofa!

Can you have two Homes?
 
Actions that will require Face ID or Touch ID authentication when the feature is turned on:

Is this absolute?

I have no issues with any of this, and it seems to be good idea to improve overall security. However, what would be the plan for a situation where Face ID or Touch ID has a hardware failure?

I am someone who was unfortunate enough to have an intermittent hardware failure in the Face ID camera on my 13 Pro. No amount of software resetting could fix or get it working without physically tapping it. Several gentle face-down taps on a hard surface and then it would immediately recognize me and unlock. This was my routine every single time I needed access to my phone for well over a year.
 
Yes as the idea is that with this on, even with the device password and the phone, the Apple ID and certain other items are protected.

Yes, I get it. But then you're reliant solely upon a certain piece of hardware to never fail... and nothing better happen to your finger(s) or your face. I don't have the answers, nor am I arguing against this security implementation... I just wonder how you get around such things now.

I have my passwords on a piece of paper in my safe deposit box at the bank. If anything ever happens to me, my family will subsequently have access to my stuff, which is the plan. If I implemented this additional security, it sounds like they'd be locked out of certain things permanently without my face.

What about somebody who is injured on the job and loses the only finger registered to Touch ID? What if somebody has an auto accident where their face went through the windshield? They're bandaged or permanently disfigured. What if these extra security measures were already put in place?

There really is no plan B here? Some kind of AppleID 2FA using the iCloud website and multiple devices?
 
Yes, I get it. But then you're reliant solely upon a certain piece of hardware to never fail... and nothing better happen to your finger(s) or your face. I don't have the answers, nor am I arguing against this security implementation... I just wonder how you get around such things now.

I have my passwords on a piece of paper in my safe deposit box at the bank. If anything ever happens to me, my family will subsequently have access to my stuff, which is the plan. If I implemented this additional security, it sounds like they'd be locked out of certain things permanently without my face.

What about somebody who is injured on the job and loses the only finger registered to Touch ID? What if somebody has an auto accident where their face went through the windshield? They're bandaged or permanently disfigured. What if these extra security measures were already put in place?

There really is no plan B here? Some kind of AppleID 2FA using the iCloud website and multiple devices?

This solution is not, IMHO, user friendly by any means. Instead of something easy and simple Apple went for the timed hardware specific complexity.
 
There really is no plan B here? Some kind of AppleID 2FA using the iCloud website and multiple devices?

Plan B is the same as if you lose your iPhone entirely or forget the phone passcode in that the phone will likely need to be restored from a backup.

Either use another “known device” to access your account or in the worst-case scenario use one of the account recovery methods (recovery contact or recovery key).
 
This solution is not, IMHO, user friendly by any means. Instead of something easy and simple Apple went for the timed hardware specific complexity.

Apple making things user friendly and easy is what resulted in the ability to reset the Apple ID password with nothing but the iPhone passcode in the first place. This is simply an optional feature to lock that down.
 
Yes, I get it. But then you're reliant solely upon a certain piece of hardware to never fail... and nothing better happen to your finger(s) or your face. I don't have the answers, nor am I arguing against this security implementation... I just wonder how you get around such things now.

I have my passwords on a piece of paper in my safe deposit box at the bank. If anything ever happens to me, my family will subsequently have access to my stuff, which is the plan. If I implemented this additional security, it sounds like they'd be locked out of certain things permanently without my face.

What about somebody who is injured on the job and loses the only finger registered to Touch ID? What if somebody has an auto accident where their face went through the windshield? They're bandaged or permanently disfigured. What if these extra security measures were already put in place?

There really is no plan B here? Some kind of AppleID 2FA using the iCloud website and multiple devices?
Re if you lose a finger you should use all 4 fingerprints available including one for a trusted family member. Use the alternative Face ID on Face ID phones.
Re if the biometrics system fails the only option is DFU in recovery mode.
Re if your biometrics are not working now, you simply don’t turn it on and you are no worse off than now, but you can set a screen time passcode different than the main passcode then disable account and passcode changes. Unfortunately your password keychain cannot be protected that way (same as now).
 
Can you have two Homes?
Currently it is called “familiar places” but who knows what that means.
I have put in an FB request for users to choose familiar places, I would not want the iPhone to choose in case the saloon bar was included.
It’s what you get if you design a system without getting user requirements first. Any other IT folk out there? I’m sure you’d agree.
 
Apple making things user friendly and easy is what resulted in the ability to reset the Apple ID password with nothing but the iPhone passcode in the first place. This is simply an optional feature to lock that down.

If I want additional security:
- Access code or bio to unlock.
- Second access code to do any changes.

Simple and effective. For everyday use, if I need to change things like my Apple ID or iCloud password, or allow lockdown of keychain, I want to be able to do it now, not later. This current Apple solution is pretty much a miss or call it a very narrow scripted solution.
 
Re if you lose a finger you should use all 4 fingerprints available including one for a trusted family member. Use the alternative Face ID on Face ID phones.

You'd have to be proactive and do these things beforehand.
 
Only took them a whole year to finally fix this but better late than never. This basically fixes it all. The only problem now is that 99% of users who aren't tech enthusiasts will never turn this on to begin with. Who regularly looks through their iPhone settings on the off-chance that there might be some new feature?

Apple better make this mandatory after a couple months of collecting usage data. Imagine if iPhone device encryption was optional, or if Apple hadn't made 2FA mandatory for new accounts. That wouldn't be sound security.

There really is no plan B here?
At home you don't need the biometrics. That seems like a good balance of security vs. convenience to me. If it's about a family member and you know their unlock code then they can just add your biometrics to their iPhone as well. With FaceID you can have two different faces and TouchID allows multiple fingers as well.

What if somebody has an auto accident where their face went through the windshield?
What if the iPhone ends up being defective, is lost or stolen or otherwise no longer usable? If you don't have backups then you're already at risk of losing all your iPhone data even without this new feature. And it's more likely for an iPhone to die than for you to be permanently disfigured.
 
Only took them a whole year to finally fix this but better late than never. This basically fixes it all. The only problem now is that 99% of users who aren't tech enthusiasts will never turn this on to begin with. Who regularly looks through their iPhone settings on the off-chance that there might be some new feature?

Apple better make this mandatory after a couple months of collecting usage data. Imagine if iPhone device encryption was optional, or if Apple hadn't made 2FA mandatory for new accounts. That wouldn't be sound security.


At home you don't need the biometrics. That seems like a good balance of security vs. convenience to me. If it's about a family member and you know their unlock code then they can just add your biometrics to their iPhone as well. With FaceID you can have two different faces and TouchID allows multiple fingers as well.


What if the iPhone ends up being defective, is lost or stolen or otherwise no longer usable? If you don't have backups then you're already at risk of losing all your iPhone data even without this new feature. And it's more likely for an iPhone to die than for you to be permanently disfigured.

One of the challenges with designing a solution like this is envisioning where and when it would be used. For standard everyday activities, it would not. It is the uncommon events and activities where this comes to the forefront. Knowing this you need to focus on the effect to normal activities and use case for “critical” activities.

This design fails from that perspective. It prevents but negatively impacts the critical use case.
 