There’s a scary new trend you should be aware of that iPhone thieves are using. Intrepid criminals have found a way to bypass Apple’s protections that should prevent most thieves from getting into your iPhone. A series of Wall Street Journal reports showed that thieves will steal iPhones after seeing someone use the Lock Screen password to unlock the phone in a public place like a bar. The attackers quickly use the password to take over the Apple ID by setting up an impenetrable new security key. This essentially locks the victim out of their own Apple account.
After that, the attackers can use the device to rack up purchases using the victim’s cards until they get canceled. And they can wipe the phone completely and sell it, since your Apple ID no longer prevents the handset’s reactivation.
If this has already happened to you, then you probably know Apple usually doesn’t offer much help. And that’s something the company has to change so thieves can no longer employ the method above to take over iPhones and get complete control over someone’s Apple ID. Until that happens, I’ll show you two key iPhone settings to change so that thieves won’t be able to get into your Apple ID. You’ll also find a bonus setting that’s equally important for stopping the other thieves who try to use other tactics to steal your phone.
Set up a strong password with Face ID
If you don’t have a Face ID and password combination set for your Lock Screen, thieves will get into your phone the instant they get their hands on it. Therefore, the first thing you should do when setting up the iPhone is to enable Face ID and create a strong password longer than six characters.
Then ensure you always use Face ID when you’re out and about. If the first authentication attempt fails, try again rather than inputting the password in a public place. Also, change that password occasionally if you think other people know it.
Thieves use the trick The Journal described because a six-digit password is easy to remember. If you’re using only four digits, it’s even easier. Follow these steps to set up a strong alphanumeric iPhone password that they couldn’t possibly remember as easily.
- Open the Settings app
- Tap the Face ID & Passcode menu
- Enter your current passcode
- choose Change Passcode
- Verify your old passcode again but don’t enter another six-digit code
- Tap on the Passcode Options menu button above the keyboard
- Go for Custom Alphanumeric Code
- Set up a strong password
Use Screen Time to prevent an Apple ID account takeover
Let’s say your password isn’t strong enough despite being longer than six characters. Or that the thieves that stole your iPhone have a photographic memory and remember your long, unique password.
To stop them from getting into your Apple ID account and using a security key to lock you out, you need to stop yourself from getting into the Apple ID unless you know the Screen Time password.
This is a great stopgap security feature The Journal describes. Here’s how to enable a Screen Time password for your Apple ID:
- Open the Settings app
- Tap Screen Time
- Scroll down to set a password for it, and make sure you remember it (or change it from time to time if you have it enabled)
- Enter your Apple ID credentials so you can recover the Screen Time password if you forget it
- Go to Content & Privacy Restrictions
- Toggle on the Content & Privacy Restrictions
- Scroll down to Allow Changes
- Tap Account Changes and select Don’t allow
- You can also block Passcode Changes at this step
Once this setting is enabled, you can no longer access your Apple ID on your iPhone unless you repeat the steps above to allow changes to your account. That’s a hassle that might pay off in the long run.
Blocking Passcode Changes also removes the Face ID and Passcode menu from the Settings app. So thieves can’t change the phone’s password.
Disable Control Center access on the Lock Screen
When you forget your iPhone or thieves steal it, you’ll want to always be able to track it with the Find My app. But thieves can turn on Airplane mode if you have Control Center enabled on your Lock Screen, making Find My iPhone tracking impossible.
This trick isn’t useful in case the criminals have seen your Lock Screen password. Because once they unlock the phone, they’ll have access to everything, Control Center included. But it’ll protect you in other cases.
Here’s what you need to do to enable Find My:
- Open the Settings app
- Tap the Apple ID name
- Go to Find My
- Enable all the features in the menu
You’ll then want to disable Control Center access on Lock Screen:
- Open the Settings app
- Tap the Face ID & Passcode menu
- Scroll for the Allow Access When Locked menu
- Disable Control Center
- Also, disable Accessories so others can’t use USB devices with a locked iPhone
These security features also apply to the iPad. You should enable them as fast as possible to ensure thieves can’t do much with your iPhone.
Hopefully, Apple will find a way to prevent thieves from changing Apple ID in the way The Journal described. Or that it’ll make Apple ID recovery easier for victims via new procedures that can bypass recovery keys.