I read a couple f articles this morning about iPhone security if a thief gets a hold of your phone. In brief, the article I am linking here takes info from a Wall Street Journal investigation that discuss what a thief might do if they get your phone. Here is a summary of the problem:
There’s a scary new trend you should be aware of that iPhone thieves are using. Intrepid criminals have found a way to bypass Apple’s protections that should prevent most thieves from getting into your iPhone. A series of Wall Street Journal reports showed that thieves will steal iPhones after seeing someone use the Lock Screen password to unlock the phone in a public place like a bar. The attackers quickly use the password to take over the Apple ID by setting up an impenetrable new security key. This essentially locks the victim out of their own Apple account. After that, the attackers can use the device to rack up purchases using the victim’s cards until they get canceled. And they can wipe the phone completely and sell it, since your Apple ID no longer prevents the handset’s reactivation.
The two mentioned solutions are set a strong alphanumeric passcode for Face ID and the second option is to set a Screen Time password for your Apple ID and then turn off Allow Account Changes.
The article spells it out in detail. The WSJ article that I did not post here has the story of a guy who had his phone stolen and the thieves locked hm out of his phone and now he's lost all his data including photos and documents. He says Apple will not help him at all even if he can prove who he is with a passport, birth certificate, etc.
I would be curious what everyone thinks of all this and if it's necessary, a good idea, or just over-kill.
There’s a scary new trend you should be aware of that iPhone thieves are using. Intrepid criminals have found a way to bypass Apple’s protections that should prevent most thieves from getting into your iPhone. A series of Wall Street Journal reports showed that thieves will steal iPhones after seeing someone use the Lock Screen password to unlock the phone in a public place like a bar. The attackers quickly use the password to take over the Apple ID by setting up an impenetrable new security key. This essentially locks the victim out of their own Apple account. After that, the attackers can use the device to rack up purchases using the victim’s cards until they get canceled. And they can wipe the phone completely and sell it, since your Apple ID no longer prevents the handset’s reactivation.
The two mentioned solutions are set a strong alphanumeric passcode for Face ID and the second option is to set a Screen Time password for your Apple ID and then turn off Allow Account Changes.
The article spells it out in detail. The WSJ article that I did not post here has the story of a guy who had his phone stolen and the thieves locked hm out of his phone and now he's lost all his data including photos and documents. He says Apple will not help him at all even if he can prove who he is with a passport, birth certificate, etc.
I would be curious what everyone thinks of all this and if it's necessary, a good idea, or just over-kill.