After months of investigating successful iPhone robberies, Apple ID erasures, and drained bank accounts, senior tech columnist for The Wall Street Journal, Joanna Stern, concluded that thieves only need that four-digit pin code you use to unlock your phone to erase your personal data.
Here’s how they do it. The thief is oftentimes someone who befriends iPhone users at a bar. Then, they sneakily observe the users as they input their routine four-digit PIN. When the victim is the least aware, the thief tactfully swipes the phone away and inputs the passcode to unlock the device. The rest is history.
Unfortunately, Stern’s findings confirm this isn’t the case. After unlocking the device, a thief can use the pin to reset your Apple ID. Then the thief can block the phone’s FindMy access, along with any other devices associated with the account, and access anything backed up to your iCloud.
Very quickly, your hands become virtually tied as you can’t remotely wipe your device. But, the thief can now turn on a recovery key, change the trusted phone number and email address, and remove any recovery contacts. The thief can also access financial accounts and apps like Venmo or Apple Pay — all from that simple little passcode.
Stern’s discovery left me feeling unsettled. A lot more is riding on my phone’s four-digit code than I previously realized.
Besides prioritizing the use of the iPhone’s FaceID and TouchID security measures, I found the simplest way to mitigate such risks to be making my iPhone passcode more difficult. Why not start at the root of the potential problem?
How to change and complicate your iPhone passcode
No matter where you are, your iPhone’s biometric security measure (FaceID or TouchID) should be your default method of unlocking. If you do find yourself needing to unlock via a numeric or alphanumeric code, make sure you do so privately, shielding the process from prying eyes. And if you’re too drunk to remember a more complicated passcode, perhaps it’s time to go home.