![]() But weeks after iOS 14 and iPadOS 14 were released, the Apple ID support sites, Apple Support app, and Find My app remain out of date with the use of this newly revived recovery key, even though various support documents have been updated to explain correctly some of the details of how it’s intended to work. Macworld has a lengthy explanation of why that is, beginning with why you shouldn’t do it now.Īpple has updated necessary pieces of iOS, iPadOS, and macOS to let you set a recovery key. You definitely won’t want to enable one now, and you may not want to do so ever … However, they now work in a different way. In those days, it was an extra precaution you could take against getting locked out of your account.Īpple abandoned recovery keys when it switched to a smarter two-factor authentication process, before reintroducing them in a new form in iOS 14. Users can enable Screen Time parental controls to further lock down their device, the report adds.We explained way back in 2014 why you might want to have an Apple ID recovery key. To protect a bank account, consider storing the password in a password manager that does not involve the device's passcode, such as 1Password. This can be done in the Settings app under Face ID & Passcode → Change Passcode. The report also recommends that users switch from a four-digit passcode to an alphanumeric passcode, which would be more difficult for thieves to spy on. In situations where entering the passcode is necessary, users can hold their hands over their screen to hide passcode entry. ![]() IPhone users should use Face ID or Touch ID as much as possible when in public to prevent thieves from spying on their passcode. "We work tirelessly every day to protect our users' accounts and data, and are always investigating additional protections against emerging threats like this one." How to Stay Protected "We sympathize with people who have had this experience and we take all attacks on our users very seriously, no matter how rare," an Apple spokesperson told The Wall Street Journal. In a statement shared in response to the report, Apple said it is "always investigating additional protections against emerging threats like this one." The report serves as a valuable reminder to protect your iPhone's passcode in public.įor more details, read our previous coverage. With unmitigated access to a stolen iPhone, the device's passcode, and the Apple ID password, thieves can steal money via Apple Pay and potentially other banking apps, view sensitive information like photos and emails, and more.Īpple's website does warn that losing access to both your trusted devices and recovery key means that "you could be locked out of your account permanently." In this scenario, however, thieves spying on iPhone passcodes before stealing the devices means that victims only need to lose their device in order to potentially be permanently locked out. "Apple's policy gives users virtually no way back into their accounts without that recovery key," the report states. Today's report places more focus on an additional step that thieves can take: using the stolen device to set or reset a recovery key, a randomly generated 28-character code that is required to regain access to an Apple ID once enabled. ![]() Subsequently, the thief can turn off Find My iPhone on the device, preventing the owner of the device from tracking its location or remotely erasing the device via iCloud. ![]() With knowledge of the iPhone's passcode, a thief can easily reset the victim's Apple ID password in the Settings app, even if Face ID or Touch ID is enabled. All of the victims interviewed in the initial report said their iPhones were stolen while they were out socializing at bars and other public places at night. The Wall Street Journal's Nicole Nguyen and Joanna Stern today published a report highlighting how thieves can use Apple's optional recovery key security option to permanently lock out iPhone users from their Apple ID account.Īs the journalists first revealed in February, there have been increasing instances of thieves spying on an iPhone user's passcode in public and then stealing the device in order to gain widespread access to the device and its contents, including financial apps.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |