iOS 17.3 Beta Adds New Stolen Device Protection Feature to iPhone

[Morac]

@Morac, this (very insightful) solution assumes that Stolen Device Protection (SDP) is automatically reset to a disabled state as a consequence of the restore operation. That may be (and hopefully would be) the case, especially since Face ID itself is disabled and needs to setup anew after restoring a phone from a backup.

Nonetheless, have you had an occasion to test the approach, to verify that it works as expected in practice?

Since both the passcode and FaceID are reset on a restore I have no reason to doubt this will work.

In practice though, no one is going to go through the hassle to restore a broken phone. They will get a new one and restore a backup to it.

 

[Morac]

I have SDP set to always on my 15 Pro. Should Face ID fail, I would enter my phone passcode and have to wait an hour to make any changes.

That’s not how SDP set to always works. If FaceID fails, you are blocked from entering the passcode for protected actions. That’s the whole point of SDP.

 

[Apple_Robert]

@Apple_Robert, have you tested this solution?

For example, would you kindly be willing to (1) force Face ID to fail (e.g., by wearing sunglasses or a disguise) while attempting to access a password saved in Keychain at a "familiar location," (2) wait an hour, and (3) see if a prompt appears to enter a passcode in order to circumvent the Face ID failure? My understanding is that "no passcode alternative or fallback" mechanism exists (see here).

Thank you.

I took off my watch and made sure Face ID failed. The first three times trying to access Passwords, it told me Stolen Protection on on and Face ID was required to access passwords. I then tapped on the learn more option which brought up the Safari link that you linked to. After that, I tried again and got the following screen.

edit to add: After testing several different things, I was wrong with what I said. My apologies.