My wife’s iPhone 15+ was pick-pocketed in London in May. As soon as we discovered it was missing, we sent a lost device setting and then an erase setting on the phone at the London Apple Store. She purchased a replacement phone upon returning home. The stolen phone did not have lost/theft AppleCare protection.
We didn’t bother reporting the theft knowing that would just take a bunch of vacation time to no useful purpose.
We have not yet deleted the phone from her Apple ID. Apparently the phone has been turned on a couple of times and we spotted it on the Find My network, first in Dubai and as of 3 weeks ago, in Hong Kong. We have also seen that someone has tried to reset to factory settings because we got a notice that we need to remove it from the Apple ID to reset it.
All her information is still on the phone since it needs to connect to the Internet to get the erase command. It appears as “erase pending” in Find My.
The question is: is it better to leave it attached to my wife’s Apple ID or should we disconnect it? Here are my primary goals:
Protect the private info on the device so it is never accessed,
Prevent the person (probably reseller) who has the phone from ever selling it for anything beyond parts by keeping it in its brick status.
Is the phone more likely to accomplish these goals with the Apple ID attachment or is that moot?
If they do manage to get through the 4 digit access code, is it better to have the Apple ID attachment or not? Does that keep it more secure?
Don’t remove it. If the phone hasn’t been able to wipe itself so far, then the thieves know how to protect against that. But if you remove it from your Apple ID, you will make it possible for the thieves to reset the device and sell it (or its parts).
Don’t give them the benefit of having easily-sellable parts. Leave it in your Apple ID forever.
It hasn’t happened to me yet, but I have been wondering the same as OP. I understand the advice to NOT remove from My Devices. But I know I would feel very uncomfortable if the data was all still on the phone.
It’s a sort of catch-22. In order to erase remotely, the device needs to go online. In order to go online, it needs to connect to a known WiFi or to mobile data. But I’m sure most of us would cancel the data plan on a lost or stolen phone, so it’s unlikely that it will ever go online again.
Data cannot be extracted from the phone unless the people who have it know (or guess) the passcode.
Keep it on…and I always recommend setting a longer than 4 digit code…or selecting that option even if you’re only going to use 4…that way the bad guy just gets a prompt and no info on how long the code is. But really…setting an I digit code is only marginally longer to type in and one doesn’t actually have to put the code in very often.
If I remove it from my Apple ID (which I don’t intend doing) how can they reset it and make it usable? Don’t they have to get the phone unlocked first with the passcode?
Also, is there a way for them to find my phone number on the phone? We’re getting text messages from them about detaching it. After some search, these messages are identical to what others have received and posted.
We are getting text messages requesting us to detach it. How did they get the phone number to send the messages? Did they break into the phone and get it somehow? It’s not in the Medical ID screen. I suppose they have the name and maybe looked up the number. Can I tell if they’ve broken in past the 4 digit access code?
If you have a physical SIM card, they could probably stick it in another phone. If they did that before you canceled your cellular service, they would be able to get your phone number. And once they have that, it’s a simple matter of forging caller ID.
As for breaking the code, I’m not sure if you can tell. If they let it connect to the Internet, then your command to erase it will kick in and it will phone home with its location, but if it doesn’t have connectivity, then there’s no way for you or Apple to know anything about it.
The reason they want you to remove it from your iCloud is that if you do a factory reset and put it into recovery mode, it has to phone home as a part of the recovery process. And it will require iCloud credentials if the phone is still tied to your account (I’m not sure if recovery mode will process a remote-wipe as well). But if you remove it from your account, they can restore it to factory-blank state and sell it whole, which is probably more profitable than selling off the components that aren’t cryptographically paired with its motherboard.
Thanks, David. The Find My network did show the phone first in Dubai and then in Shenzhen outside Hong Kong. Last location notice was 3 weeks ago. It’s an iPhone 15+, so pretty valuable (even includes Apple case :-) )
It does have the lost mode set and erase command set. It has an eSIM, and the number has been reassigned to a new iPhone 15+.
I don’t know if they can crack into it, having a 4 digit code (current one has 6). Plan is to keep it on Apple ID so it’s either a door stop or a pile of parts. We’ve also changed the Apple ID password just in case.
And in iOS 18 Apple has extended Activation Lock to some of the iPhone’s parts. Even though the parts can be reused in other phones they will be somewhat crippled, that is, they can’t be calibrated. MacObserver discusses it here.
Six is certainly better than four, but after reading this thread from last year, I decided to change my iPhone passcode to a full-fledged password. A bit of a hassle (iPhone prompts you every week or so to enter it, even with FaceID), but to me, worth it.
I found it a hassle to switch back and forth between text and numerals when entering a complex passcode for my phone. As a result, I chose to use only numerals in my phone’s passcode, but it’s a sequence 12 numerals long. It’s a combination of three numbers I know very well, but might be difficult for a shoulder-surfer to remember (unless he’s videoing me). Since I rarely enter my passcode when in public (because FaceID works fine for me even with a mask), I don’t have Stolen Device Protection enabled. I have almost nothing (e.g., Control Center, Siri, etc.) accessible when the phone is locked. I also have Settings>Face ID & Passcode>Erase Data [after 10 failed attempts] enabled. This way the thief only gets 10 chances to enter my 12 digits correctly. As with many other things, there’s a balance between security and convenience.
That’s good, but just turning on alphanumeric entry increases the quantity of possible passwords by a huge factor over just numeric. You can turn on alphanumeric but still only use numbers if you want.
Another great thing about using custom numeric is that there is no clue at the passcode entry screen how many numbers are in the passcode. Unlike a 4 or 6 digit passcode, where you just type in the PIN and don’t have to hit anything else, with custom numeric you enter your passcode and then need to hit “OK” on the screen. The OK appears as soon as you type the first number, so, again, there is no clue given when you’ve completed the number.
I also use custom numeric but if someone picks up my phone they have no idea how many numbers they need to type. I also have my phone set to erase after 10 incorrect attempts, so good luck trying to guess.
True. However, I like the large numeric keypad (0-9) that’s presented if I use ‘Custom Numeric’, whereas if I use ‘Custom Alphanumeric’ then I’m presented with the standard keypad that I have to switch to numbers then hit the tiny numbers on the alphanumeric keypad. Larger targets are better for my fat fingers. And I’m OK with giving the thief only 10 chances to correctly type my 12 digits. And as @ddmiller points out, when entering the 12 digit passcode there’s no indication on-screen when you’ve entered the correct number of digits. That’s enough security for me until I decide to start traveling in high risk areas.
If it has the latest iOS, then they probably won’t be able to break even a 4 digit code, because after a few failures, the phone will force you to wait for longer and longer intervals between attempts. At 1 hour between attempts (the maximum interval), it will take on average 5,000 hours (about 7 months) to brute-force a passcode. But (I think) after 10 failures, it will lock itself down so even a valid passcode will fail, requiring Apple (and valid iCloud credentials) to get back in. And you can configure it to auto-wipe after 10 failures.
There are hacking tools (like GrayKey, which is supposedly only for use by law enforcement) that claim to be able to quickly bypass passcodes without locking the device. I seem to remember reading that these tools rely on security exploits that Apple patches when they find out about them, so they might not work if you were running the latest iOS.
FWIW, in addition to using a longer code, don’t actually choose “6 digit” from the configuration. Instead, choose a code of custom length. Even if the code you pick is 6 digits. This is because a custom-length code doesn’t show the little circles indicating how many digits you require. You need to tap an “OK” button after entering all the digits, so somebody unaware of your passcode’s length won’t be given a hint.
Yes, but the text keyboard is a bit awkward to use, especially on a small screen or if you’re wearing gloves. When your passcode is numeric, you’ve got big friendly buttons that are easy to tap. (Of course, you should never enter a passcode where someone might be shoulder-surfing, even if it is alphanumeric.)
With 4 digits you get 10,000 permutations, which would take, on average, 5,000 tries to brute force crack. With 6 digits, you get 1,000,000 with 500,000 average tries. It seems that 4 digits are plenty strong (assuming your 4 digits are truly random, not in any way related to you, or a symmetrical keyboard pattern). 6 digits does give better and is pretty quick to type. Alphanumeric (even if just numbers) may be overkill, though it doesn’t add much effort.
But if they have a device to truly bypass the access code, then the number of digits probably becomes moot. Currently, as far as I have found, such devices are pretty expensive (and likely time consuming) and probably not worth the margins they’d make on even large batches of phones. Off to the parts bin.
We should remember if we enter data for our Medical ID and make it visible, they will know your name and possibly a bunch of other stuff to look up on the Internet and guess your passcode if you use birthdays or anything relatable.
Long before you get to that point, the phone will lock itself, forcing you to wipe it (using a computer and the Apple ID credentials associated with the device). 4 digits is just fine to protect against a “front door” brute force attack (where someone is trying to type in codes).
It’s the security holes that may allow bypassing the access code (like those sold to law enforcement) that are the true danger, and no choice of code is going to help there.
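The brute-force arithmetic several posters used above (10,000 four-digit codes, roughly 5,000 tries on average, about 7 months at the 1-hour maximum interval, and only 10 tries when erase-after-10 is on), worked through as an added example that is not part of the original thread. The escalating delay schedule, the 10-attempt threshold and the custom-length range are labelled assumptions of this model, not figures from Apple, and the custom-length calculation goes a step beyond the thread by summing the keyspace over every length the attacker must cover.

```python
# Added example (not from the thread): defender-side estimate of what a
# "front door" PIN guessing attack costs against an iPhone-style lockout.

MAX_ATTEMPTS = 10  # ASSUMPTION: erase/lockout threshold quoted in the thread


def delay_after_failure(n: int) -> int:
    """ASSUMED forced wait (seconds) after the n-th consecutive wrong guess.
    Illustrative schedule for the model; check current iOS documentation."""
    if n < 5:
        return 0
    if n == 5:
        return 60
    if n == 6:
        return 5 * 60
    if n in (7, 8):
        return 15 * 60
    return 60 * 60  # 1 hour, the maximum interval the thread cites


def keyspace(min_len: int, max_len: int, alphabet: int = 10) -> int:
    """Candidate passcodes. A fixed-length PIN uses min_len == max_len; with a
    custom-length PIN the screen gives no length hint, so the attacker has to
    cover every length in the range and the sizes are summed."""
    return sum(alphabet ** n for n in range(min_len, max_len + 1))


def expected_guesses(space: int) -> float:
    """Average guesses to hit a uniformly random code (the thread's 5,000
    for four digits, rounded)."""
    return (space + 1) / 2


def hours_at_max_interval(space: int, interval_s: int = 3600) -> float:
    """Thread's no-erase model: one guess per max interval, forever."""
    return expected_guesses(space) * interval_s / 3600


def success_probability_before_lockout(space: int,
                                       attempts: int = MAX_ATTEMPTS) -> float:
    """With erase-after-N enabled the attacker gets exactly N guesses."""
    return min(attempts, space) / space


def forced_wait_seconds(attempts: int) -> int:
    """Total waiting imposed before the attacker has spent `attempts` guesses
    under the assumed schedule (delay after failure k precedes guess k+1)."""
    return sum(delay_after_failure(n) for n in range(1, attempts))
```

Four digits with erase-after-10 leaves the attacker a 0.1% chance and under two hours of forced waiting before the device wipes; a custom-length 4-to-12 digit code multiplies the space the attacker must cover by more than a hundred million.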
But if the thieves had such a tool, they would just use it and not bother trying to scam you into unlocking it. So it would appear (at least for the moment) that these tools are still securely within the domain of governments and law enforcement agencies. Many of these governments are not going to be trustworthy, but they also won’t be involved in petty theft rings - they’re going to reserve that tech to go after much bigger targets.