Stolen Device Protection to thwart iPhone thieves with passcodes with time delay

13»

Comments

  • Reply 41 of 55
    maltzmaltz Posts: 465member
    DGDMN said:
    Apple makes this "SOUND" great.  I'm not sure how helpful a 1 hour window is to prevent Apple IDs from being reset.

    If Apple cared about thieves taking over Apple IDs, they would require questions to be answered, along the line of first pet, mothers name.

    Ugh.  Security questions...  So often I've run across situations where people have either forgot what they entered, or can't match the spelling/syntax exactly enough to get back in.  (Did I spell that as "Springfield Jr High"?  Or "Springfield Junior High"?  Or "Springfield Junior High School"? or "SJHS"?  or "Springfield Bulldogs"?  or...)  Also, a lot of the people someone knows personally also knows the answer to many security questions, especially family.  They may protect against random strangers, but it actually makes things easier for an estranged spouse or sibling trying to gain access to your account.  They're also often stored as plain text, to be flexible about capitalization and such, and the same questions pop up across multiple sites.  It's like all the worst practices we've known for decades not to do with passwords, deployed as a mechanism that is often used to reset lost passwords.  /facepalm

    I actually treat them just like a password and enter random phrases, which are stored under the account in my password manager.  (I use phrases instead of actual random characters in case I ever need to read it aloud to customer service.)

    XeddewmeAlex1Nwatto_cobra
  • Reply 42 of 55
    MarvinMarvin Posts: 15,362moderator
    DGDMN said:
    Apple makes this "SOUND" great.  I'm not sure how helpful a 1 hour window is to prevent Apple IDs from being reset.

    If Apple cared about thieves taking over Apple IDs, they would require questions to be answered, along the line of first pet, mothers name.
    I thought the same but it says it requires biometrics too so the 1 hour timeframe should be ok:

    "With Stolen Device Protection active, users won't be able to change critical portions of their Apple ID or device settings without waiting an hour and authenticating biometrics twice."

    So you need biometrics to start the process of changing sensitive data, then wait an hour, then biometrics again. That should be enough to stop it happening. This is a very nice addition to the security.

    Banking apps use biometrics and thieves won't be able to add new biometrics without the approval process either so this should be much safer than before.
    Alex1Nwatto_cobra
  • Reply 43 of 55
    Finally! This is perfect, the 3 times I had an iPhone stolen, the thief quickly turned the device off and vanished.

    Just wish they would require biometrics when turning the device off. 
    watto_cobra
  • Reply 44 of 55
    sflocalsflocal Posts: 6,100member
    I wonder if this is just an encapsulated feature of screen time.  I already have all this activated in the event my phone gets stolen.  There is no way a thief will get access to my phone and change credentials.  It does take a few steps to set it up but once set up, it gives me peace of mind.
    Alex1Nwatto_cobra
  • Reply 45 of 55
    mknelsonmknelson Posts: 1,128member
    Our Service department has noted this may add hours to repairs. An hour for your new iPhone battery or display and you didn't sign out of FMI at home. Well, it could now be 3 hours!
    dewmewilliamlondonwatto_cobra
  • Reply 46 of 55
    nofeernofeer Posts: 2,427member
    adbe said:
    nofeer said:
    I have 2FA also recent security articles say to use screen time passcode to prevent this

    doesnt screen time passcode work
    or do we need more ?? 
     
    Screen time password does not work. You only need the main passcode to disable it. At best it slows down the process by a few seconds.
    set screen time passcode different than your actual code make sure you remember it.   i use a family members and they use mine
    Alex1Nwatto_cobra
  • Reply 47 of 55
    Not sure how to feel about this. My phone Face ID kinked out and I can’t get it to recognize me for anything. 
    Sounds like you set up FaceID wrong.  When you set up FaceID, keep looking straight at the phone while you move your head around in a circle.  Maintain eye contact with the circle on the phone with your head in the circle as you move your head around, watching the green bars show it is complete.  If your FaceID doesn't work, sounds like you broke your phone.
    Alex1Nwatto_cobra
  • Reply 48 of 55
    BirderGuy said:
    I’m not sure why this is necessary if you have two factor authentication set up.  Even if they get into the phone they would need the code sent to a trusted device.  No?  


    TFA isn't required on the iPhone because it is already your trusted device.  So once you log into your phone with FaceID or passcode, you can go right into the iCloud settings and change the password using the passcode, if the thief duped you and got you to enter the code while they watch you.  So within seconds, they can change your AppleID password and sign you out of all of your other devices and then lock you out of everything.

    This new feature prevents that from happening while you are away from home and the feature activates.  Then it requires two FaceID authentications, one hour apart.  So then you have a chance to log into iCloud and disable the iPhone and protect your account.
    edited December 2023 muthuk_vanalingamAlex1Nwatto_cobra
  • Reply 49 of 55
    Not sure how to feel about this. My phone Face ID kinked out and I can’t get it to recognize me for anything. 
    Just redo it after deleting the defective one. 
    Alex1Nwatto_cobra
  • Reply 50 of 55
    longfang said:
    nofeer said:
    Xed

    great suggestions but how to do this--4 character long press ???
    PS: I recommend to not use a PIN. Use a complex passcode. You have those long-press characters on the iOS and Mac keyboards, too, which means you can make a simple 4-character passcode that has over 3 billion possible combinations by using one of those characters. It also makes it a lot more difficult for something to see what you're typing in over a regular keyboard or a number pad.
    I have an iPhone 5 that’s currently locked out for the next few months because I forgot which pin i set for it and kept inputting the wrong one. 
    Put the phone in DFU mode and reset the iPhone.
    Alex1Nwatto_cobra
  • Reply 51 of 55
    Giving the current trajectory in this country…Apple might need to continue expanding the theft prevention team
    watto_cobra
  • Reply 52 of 55
    nofeernofeer Posts: 2,427member
    What about adding a voice print 
    like a phrase
    what is your birth date
    My birthday is——-
    where you speak a response phrase 
    I like layers of security especially for critical settings 
    or require touch or Face ID to change critical settings 
    Or develop iPhone with BOTH touch and Face ID and critical settings require both 
    Alex1Nwatto_cobra
  • Reply 53 of 55
    Wesley HilliardWesley Hilliard Posts: 206member, administrator, moderator, editor
    Everyone saying to use Screen Time forgets that if a thief has access to your device (without Stolen Device Protection) the thief can use the passcode to learn your Apple ID and password from keychain then use that to unlock Screen Time. Sure, it's an extra step, but you're only adding a couple of minutes to the thief having access to change your password.

    Stolen Device Protection can't be bypassed without access to the original user's fingerprint or face, twice, in an hour. If anyone can think of how to bypass that without kidnapping the victim, then I think the feature works.
    watto_cobra
  • Reply 54 of 55
    XedXed Posts: 2,627member
    Everyone saying to use Screen Time forgets that if a thief has access to your device (without Stolen Device Protection) the thief can use the passcode to learn your Apple ID and password from keychain then use that to unlock Screen Time. Sure, it's an extra step, but you're only adding a couple of minutes to the thief having access to change your password.

    Stolen Device Protection can't be bypassed without access to the original user's fingerprint or face, twice, in an hour. If anyone can think of how to bypass that without kidnapping the victim, then I think the feature works.
    Keychain is better than nothing, but it's not a proper password manager.
  • Reply 55 of 55
    I guess this will not work for people who have a Touch ID device but have faint fingerprints that don’t work with the Touch ID sensor.
Sign In or Register to comment.