A sophisticated, albeit troubling, tactic is making headlines as some iPhone thieves learn how to permanently lock users out of their devices. This method, which exploits the recovery key feature, poses a significant challenge for affected users, potentially leaving them without access to their photos, messages, and other data. Even worse, some victims have reported financial losses as criminals gain entry to banking apps, according to The Wall Street Journal.
How Does This Happen?
This type of device hijacking isn’t easy to execute—it demands both physical and digital access. Criminals must first observe a user’s passcode, often by surreptitiously watching in public spaces like bars or events. Alternatively, they might trick the user into sharing their passcode before physically stealing the device.
Once armed with the passcode, thieves can:
- Change the Apple ID associated with the device.
- Disable “Find My iPhone” to make tracking impossible.
- Reset the recovery key—a 28-digit code essential for Apple account recovery.
If a thief resets the recovery key, the original owner is left locked out permanently, unable to regain access to their Apple ID or data.
Apple emphasizes that users are responsible for safeguarding both their recovery key and trusted devices, as losing them can result in permanent account inaccessibility. While Apple is exploring additional protections, security experts suggest that the company could improve by offering more robust account recovery options for such cases.
Practical Steps to Safeguard Your Device
Here’s how you can reduce your risk and protect your iPhone from such threats:
1. Guard Your Passcode
- Use Face ID or Touch ID to unlock your device in public instead of entering your passcode manually.
- Opt for a longer, alphanumeric passcode, which is harder to guess.
- Change your passcode immediately if you suspect someone has seen it.
2. Enable Screen Time Restrictions
An unofficial but widely shared workaround involves using the Screen Time feature. Here’s how:
- Within your Screen Time settings, set up a secondary password.
- This password will act as an extra layer of protection, preventing anyone from changing your Apple ID without authorization.
3. Back Up Your Data Regularly
- Regularly back up your device via iCloud or iTunes to ensure your data is retrievable.
- Consider storing vital files, photos, and sensitive information on alternative cloud services like Google Photos, Microsoft OneDrive, or Dropbox for additional security.
While these steps won’t prevent someone from accessing your device if stolen, they can significantly reduce the fallout by ensuring your data is backed up and harder to manipulate.
By staying vigilant and leveraging these safeguards, you can outsmart would-be thieves and protect your digital life.