Advice Request iPhone Security Problem - Major risk to over 1B iOS users

Please provide comments and solutions that are helpful to the author of this topic.

Ink

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Proper Honest Tech said:
The iPhone has a problem, and it's one that could impact absolutely any of the over 1 billion iPhone owners out there including you, it has the potential to be catastrophic if you're targeted, and Apple seem to be either reluctant, or unable to do much to fix it. In this video, I'm going to explain the problem to you, and give you 5 practical tips that you must be using to keep yourself safe.

Solutions include:
Use an alpha-numeric passcode, a complex code is harder to memorise on the fly
Use FaceID or TouchID where possible, never expose your PIN in public (check your surroundings)
Use a third-party Password Manager for store usernames and passwords (iCloud Keychain uses your passcode)
Comments from the Video
Comment by L Fitzgerald said:
5 days ago (edited)
You can stop someone changing your iCloud password by disabling Passcode and Account changes under Screen Time > Content & Privacy Restrictions. Just make sure that your Screen Time passcode differs from your iPhone passcode.

 

MuzzMelbourne

Level 15
Verified
Top Poster
Well-known
Mar 13, 2022
599
Firstly, I don't know that this problem is exclusive to the iPhone...

However, having watched the video, I can see the validity of the dude's case.

So, I followed the advice of L Fitzgerald in the comments and setup restrictions in Screen Time, which I have never used before, and it does indeed 'grey out' access to your account settings, so I guess it works.

I also changed my iPhone Passcode to a 12 character alphanumeric code, so good luck scumbags.

What remains to be seen is how much more inconvenient all this is how long before I scrap it all.
 

Trident

Level 27
Verified
Top Poster
Well-known
Feb 7, 2023
1,689
It is unlikely that someone in a public setting will be able to see your pin ever, as Face ID has a very high succession rate. Phones with fingerprint reader are a lot more vulnerable as the succession rate there is lower.

4-digit pin is 10K combinations already and considering it will lock you out for longer and longer, it is almost impossible to brute force it. With a 6-digit pin, it is unthinkable (10^6 = 1 million combinations).
Hence all actions described after can’t be performed.

Codes for 2-factor authentication (sim card can easily be removed) and browsing through photos, documents, banking apps and other personal information (if someone has managed to unlock the phone) is not an issue exclusive to Apple, it is an issue with all phones. The change of iCloud password can easily be reversed through support or by tapping on “It wasn’t me in the email”. Rescue email must be set.
 

Vitali Ortzi

Level 22
Verified
Top Poster
Well-known
Dec 12, 2016
1,148
It is unlikely that someone in a public setting will be able to see your pin ever, as Face ID has a very high succession rate. Phones with fingerprint reader are a lot more vulnerable as the succession rate there is lower.

4-digit pin is 10K combinations already and considering it will lock you out for longer and longer, it is almost impossible to brute force it. With a 6-digit pin, it is unthinkable (10^6 = 1 million combinations).
Hence all actions described after can’t be performed.

Codes for 2-factor authentication (sim card can easily be removed) and browsing through photos, documents, banking apps and other personal information (if someone has managed to unlock the phone) is not an issue exclusive to Apple, it is an issue with all phones. The change of iCloud password can easily be reversed through support or by tapping on “It wasn’t me in the email”. Rescue email must be set.
You know how much this happens in third world countries definitely not unlikely


There is tens of not hundreds of videos of this happening online
 
  • Like
Reactions: ZeroDay

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top