I had to hand my phone over to a third party repairer. This would mean they needed to know my passcode so I wanted to lock down the phone to allow them to perform whatever diagnostic steps they might need but to restrict access to the wallet and iCloud keychain.
The first part was actually quite simple using a separate screen time passcode to restrict all apps bar the camera and any that they needed. The frustrating part was that the settings app itself cannot be blocked by screentime (I guess as that's where you configure the restrictions) and as iCloud keychain passwords are accessed from settings there was no way to block access to them.
With this update I could (somewhat) safely supply my passcode while being relatively confident that my keychain passwords were not viewed.
Also consider evil maid, or other kinds of backdoors (like jailbreaks).
I know Apple will never ask for your passcode but in the case of a repair shop that promises 15 minute service it’s kinda necessary unless you want it to take far longer and annoy them.
Ultimately with it locked down with screentime the only personal data I had an issue with was iCloud Keychain. Honestly I don’t know why Apple lets children access the full settings anyway. It would be trivial to add a screen time restriction for all features of settings except the screentime pane.
I didn't want to fully restore the phone for just a couple of days, so just set it up with a temporary passcode and signed in to an Apple ID I normally do not use [1], so that I could use it for that couple of days without things asking me to sign in.
After the battery replacement I then wiped it and restored from a backup under my normal Apple ID.
This mostly worked, except it messed up my Longest Move Streak with my Apple Watch. I'm not sure if this was just due to the wiping the phone part, or the having the phone on a different Apple ID than the watch for a couple days, or something else.
What the Fitness app tells me about the streak now is just weird.
The streak started on 2019-05-07 and I've not missed a day since then. The battery replacement was on 2022-12-21.
When I checked the streak in Fitness on 2023-02-04 it told me that:
My longest streak was 39 days ending 2023-02-03
My current streak was 1368 days
Note that it is reporting a longest streak that is entirely within what it is reporting is my current streak.
17 days later, 2023-02-21, it was reporting:
My longest streak was 41 days ending on 2023-02-20
My current streak was 1385 days
Note that when it thinks that the longest streak started was sometime during the previous longest streak, so that makes no sense.
A few months later, 2023-09-23, it was:
My longest streak was 37 days ending on 2023-09-23
My current streak was 1600 days
I hadn't checked between that last and now. Checking now, on 2024-01-22, I get:
My longest streak was 1710 days ending on 2024-01-11
My current streak is 1720 days
That's better in that now it thinks the longest streak and current streak started at the same time, which is correct. But it still has the longest streak in the interior of the current streak which should not be possible.
[1] I've got two Apple IDs because originally you couldn't use the same account for iTunes and their cloud service, and so everyone who wanted to use both had to have two accounts. Later they made it so one account could use both.
1Password at least uses a different password and isn’t unlockable with passcode alone
A _lot_ of apps did and still do fall back to iOS passcode authentication when biometry fails. It does seem like more developers are disabling this, however.
(I realise this means I can still get into my phone, just that I might not be able to access certain features - e.g. change passwords - if I'm not at one of my usual locations).
> When your iPhone is in a familiar location, these additional steps are not required, and you can use your device passcode like usual. Familiar locations typically include your home, work, and certain other locations where you regularly use your iPhone.
The hope would thus be that although someone could walk into your workplace and steal your phone off your desk, they would be much less likely to have been able to watch you enter your passcode first.
[1]: https://www.wsj.com/articles/apple-iphone-security-theft-pas...
But I wouldn't know how to determine if the instructions I was seeing were incomplete, or outdated. Is there a trusted, frequently-updated site that we can easily remember and plug into our friends' phone if and when this terrible thing happens to us?
I wish it were possible to designate an app to require FaceID or both my device password and my Apple ID password (or some other second authentication). Does this new update fix this issue entirely? I feel like not because until I mark the phone stolen it doesn’t know to lock the holder of the phone out of my apps using just my device password.
A while ago, I added the "Find My Device" site to my bookmarks and I'd tested it out a few times. So I started there. And I also used Google Voice to place a voice call, so when it didn't ring in my home, I knew it wasn't here.
The Waymo passenger answered and there was much giggling. She kept saying she didn't know what to do. I said just leave it in the car.
So, knowing it was out of my control, I sent the remote wipe command, and hoped for the best. It turned out, the passenger also used the "Emergency Call" to send a text to my emergency contact. She offered to leave the phone in a pharmacy across town! I don't know how that would've helped.
Anyway, I did recover the phone at the Waymo Depot. It had obeyed the remote-wipe command and it was factory reset, with a full battery. It actually came out better-than-new, as the subsequent updates applied a few nice features.
Well for one, the pharmacy isn't moving.
If I had been the one to find your phone, I probably would have told you to suggest some other drop off place I can take it to that isn't too far out of my way, and if you could not or would not I would have probably taken it to a police station.
I would not leave it in the Waymo, even if that is what you wanted, because I have no guarantee that some other Waymo passenger after me will find it and steal it before you can get it back from Waymo. That could leave me as the last person known to have been in possession of the phone. I have no interest in becoming a suspect in the theft of your phone.
I may be missing something. But if not it seems like Apple is now incentivizing a scenario where thieves will physically go to the location of their victims' homes in order to circumvent some of these measures.
I doubt the thieves would physically travel to his home for the phone, but I suspect that this will lead to blackmailing scenarios where the thieves exfil risqué or compromising content and threaten to send it to sensitive contacts if you don't unlock the phone the next day.
In a quite resourceful way (social engineering, process and system exploits) these criminal organizations will jump all the hoops (2FA, Face Recognition) and manage to access most of those apps.
I don't believe so, or at least where I am from. This 'only' provides additional protection against cases where thieves know your device passcode. I've had my phone stolen from me twice where they couldn't have known my passcode and couldn't remove it from Find My, and it was never seen again.
The other issue could probably be resolved with more aggressive part ID checking. iPhones should just refuse to function if they have a part from a stolen phone.
At the end of the day, you still don't have the phone whether the thief profits from it or not. All this will do is prevent criminals up to date with this info from trying to resell it. It does not prevent them from taking/destroying it.
It's an attempt to resolve the fairly widespread iPhone / iCloud social engineering takeover attacks that were documented in great detail by Joanna Stern last year:
https://www.wsj.com/articles/apple-iphone-security-theft-pas...
https://www.wsj.com/video/series/joanna-stern-personal-techn...
If you think in the systems of how criminals work, they tend to spend more time stealing things they think will pay off. Taking something that will cost them time and not gain them money will over time bias thieves to not taking iPhones.
For example it may prevent this
a) iPhone is left on a table in the open.
but would not prevent
b) iPhone is in a bag, bag gets stolen.
What prevents "I stole your phone just to cause chaos" is the risk/reward profile. Even though your phone is useless to someone that stole it, it's still theft, and you'll still have to face consequences if caught. If the incentive is "I'll be able to buy $1200 worth of shit", then people are probably going to take their chances with getting caught. If it's "I'll get nothing except the satisfaction of smashing someone else's electronics", then most people won't take their chances.
With the whole "knowing your passcode doesn't help" situation, it makes the long tail crimes even more difficult. "Tell me your passcode or I'll shoot you" no longer works, for example. It makes the crime significantly more difficult to commit, and requires committing crimes that carry significantly longer sentences. (Armed robbery turns into kidnapping. You could be looking at the rest of your life in prison for $300 in someone's checking account. Not worth it to most people.)
At the end of the day, there is only so much you can do. The rest is your insurance company's problem. The fewer viable attacks there are against you, and the less often they happen, the less your premiums are. (I actually don't know if there is insurance for this. I should check.)
I care a lot about some low life scumbag not profiting from it. Anything that discourages theft is great.
I went to settings and could not find the option to enable this, but it turns out I was still on 17.2