The whole point of a password manager is that the master password is so strong that it is extremely hard to “hack”. The password must of course be hashed, salted and peppered (Google it), which it will be automatically in any good service like Bitwarden, 1Password or iCloud Keychain.

Even if the password is leaked, the attacker would have no way of seeing what the password actually is; it would be too scrambled. In addition, you would use two-factor authentication like Google Authenticator to log in to your password manager from new devices. The best way is a password manager. Using password restore like you do makes you vulnerable to man-in-the-middle attacks and social engineering attacks.
 
Can everyone please read the article before criticizing? The article fully explains that you have the option to instantly, fully, cancel your old password (i.e., the same behavior as now) if you want to. This is not any less secure than it was.

Have none of you ever changed your password on your laptop/iPhone/etc before and then gone a few days without typing it in - only to be stumped the next time you get a password prompt? I’m not even very old and have had this situation happen. In that case it’s helpful to be able to use the one you were using for the last year that you still remember.

As for “who changes their password without reason”… ummm… everyone that cares at all about security? Regularly changing passwords (even if just every year or so) is one of the simplest suggestions for password security.

I've read it first and yes, you can override it by cancelling your old passcode immediately, but to me this is still a security risk, even a temporary one, if someone hasn't tapped on that option. If they want to keep the option then reduce it to 12 or 24 hours; 72 hrs is far too long.

And no, I haven't forgotten passwords on something I use regularly, especially on a device that stores a hell of a lot of my data, and remembering a passcode in all numbers is far easier than something with random characters or a randomly generated password.
 
Both this option and the option to expire it immediately? Very well done. No sarcasm here. This is awesome.

Sometimes your memory will keep you hanging with the new passcode but your muscle memory will save you. And sometimes you need to do and enforce the change like a minute ago because of circumstances.

Well done Apple 👏
Yeah I’m glad they are allowing the choice.
 
Whilst spotlighting new features can be great, I also wonder if perhaps things like this are better kept quiet and not publicised too much?
 