Use iOS 17.3’s Stolen Device Protection to Reduce Harm from iPhone Passcode Thefts | Computer Hardware

Use iOS 17.3’s Stolen Device Protection to Reduce Harm from iPhone Passcode Thefts | Computer Hardware

Last year, a series of articles by Wall Street Journal reporters Joanna Stern and Nicole Nguyen highlighted a troubling pattern of crimes targeting iPhone users. A thief will discover the victim's iPhone passcode, swipe the iPhone and run away. With just a passcode, a thief can quickly change a victim's Apple ID password, lock them out of their iCloud account, and access apps and data on iPhones to steal money, buy things, and wreak digital havoc. can use

In essence, Apple allowed the passcode, which could be determined by shoulder surfing, covert filming, or social engineering, to be too powerful, and criminals exploited the weakness. It's best to use Face ID or Touch ID, especially in public, but some people continue to rely entirely on a passcode.

Apple has now fixed the issue for new iPhone users. Stolen device protection Feature in iOS 17.3 It protects important security and financial measures by requiring biometric authentication — Face ID or Touch ID — when you're not in a familiar location like home or the office. Critical operations also trigger an hour-long security delay before a second biometric verification. We recommend anyone who uses Face ID and Touch ID to turn on stolen device protection. The feature isn't available for iPads or Macs, but neither is likely to be used in places like crowded bars where many iPhones are snapped up.

How Stolen Device Protection Works

The location aspect of stolen device protection is key. When you're in a “key location,” a location that your iPhone has repeatedly determined you to be, you can do everything related to security and financial details just like you've done in the past. are, including using a passcode as an alternative or fallback. .

However, when you're in an unfamiliar location, as you likely would be if you were in a public place where someone could steal your iPhone, Stolen Device Protection requires biometric authentication:

  • Use passwords or passkeys stored in a keychain.
  • Use payment methods saved in Safari (autofill)
  • Turn off lost mode.
  • Erase all content and settings.
  • Apply for a new Apple Card.
  • View the Apple Card virtual card number
  • Perform some Apple Cash and Savings actions in Wallet (for example, transfer Apple Cash or Savings)
  • Use your iPhone to set up a new device (for example, Quick Start).

Some actions have more serious consequences, so Stolen Device Protection requires biometric authentication, a one-hour security delay—displayed with a countdown timer—and then another biometric authentication. Is. The delay reduces the chances of an attacker forcing you to authenticate with the threat of violence. When you want to, you'll have to go through a delay in addition to double authentication:

  • Change your Apple ID password (Apple notes that this may temporarily prevent your device's location from appearing on iCloud.com)
  • Sign out with your Apple ID.
  • Update Apple ID account security settings (such as adding or removing a trusted device, recovery key, or recovery contact)
  • Add or remove Face ID or Touch ID.
  • Change your iPhone passcode.
  • Reset all settings.
  • Turn off Find My.
  • Turn off stolen device protection.

There are a few caveats to keep in mind:

  • The iPhone's passcode still works for purchases made with Apple Pay, so a thief can steal your passcode and iPhone to buy things.
  • Although Apple says it's required, you can turn off key locations to require additional biometric authentication and security delays everywhere. This will eliminate the worry of a thief using key locations to navigate to your latest acquaintance in an attempt to bypass additional authentication.
  • If you plan to sell, give away, or trade in your iPhone, be sure to turn off stolen device protection first. Once it is out of your physical control, no one else can reset it.

Turn on stolen device protection.

Before you begin, note that Apple says you must use two-factor authentication for your Apple ID (everyone should have one anyway), set up a passcode for your iPhone. , turn on Face ID or Touch ID, enable Find Turn on My, and Important Locations (Settings > Privacy & Security > Location Services > System Services > Important Locations), although this last one doesn't seem desirable.

Then, go to Settings > Face ID/Touch ID & Passcode, enter your passcode, and tap Turn on protection. (Tap Turn-off protection to remove its additional protection if it's enabled.)

Once stolen device protection is turned on and you are in an unknown location, the above operations will require either biometric authentication or two biometric authentications separated by an hour-long security delay. Will be needed.

There's one group of people who shouldn't turn on stolen device protection: People for whom Face ID or Touch ID don't work. Most people have no problem with Apple's biometric technologies, but some people have lost their fingerprints or other physical characteristics that confuse Touch ID or, less commonly, Face ID.

If this is you, stick to our general recommendation to discourage potential iPhone theft: Never enter your iPhone passcode publicly where it can be seen.

(Featured Image by iStock.com/AntonioGuillem)

About the Author

Leave a Reply