Privacy and security are a huge element of Apple's business model. When you buy an iPhone, Apple wants you to know that your iMessages are encrypted, Face ID is secure, and you have features to block trackers while browsing the web.
While these are great features to keep your data safe and secure, they're far from perfect. Back in February, a Wall Street Journal investigation found that iPhone thieves were able to reset their victims' iCloud passwords from a stolen device, allowing them to both take over the iPhone they stole and the Apple ID attached to it. This is possible if the thief knows your iPhone passcode, something that might be easy to learn if they spy over your shoulder as you type it in. While there are many iCloud features that require your Apple ID password to gain access, resetting your iCloud password only takes your iPhone's passcode to get started. If a thief has that, they can break into your phone and take over your digital life.
Back when this report broke, we recommended certain workarounds to protect yourself, but workarounds are imperfect. Luckily, with iOS 17.3, Apple has taken the first step towards a real solution.
Stolen Device Protection can prevent thieves from taking over your iPhone
With iOS 17.3, Apple has introduced a new "Stolen Device Protection" feature. When enabled, Face ID or Touch ID (if your iPhone has a Home button) will be required when accessing passwords and passkeys, making purchases with saved cards in Safari, applying for an Apple Card, viewing your digital Apple Card, erasing all content and settings, taking some Apple Cash and Savings actions in Wallet, disabling Lost Mode, and using your iPhone to set up a new device.
In addition, certain features will require Face ID or Touch ID and come with a one-hour delay when you try to enable them in an "unfamiliar location." That includes changing your Apple ID password, updating certain Apple ID account security settings, changing your iPhone passcode, adjusting Face ID or Touch ID settings, turning off Find My, and turning off Stolen Device Protection itself. When you try to use any of these features, and your iPhone detects you are away from a familiar location, you'll need to authenticate yourself with Face ID or Touch ID, wait an hour, then authenticate again.
In theory, this security delay should only kick in when you're not in safe, familiar places like your home, work, or other trusted areas. However, Apple pulls this info from your "Significant Locations," which records places you frequently visit, but takes in little other context. What your iPhone determines to be a familiar location can vary from logical places like your house, to illogical places like a laundromat or convenience store. Obviously there's a big difference: A thief is unlikely to steal your iPhone while you're using it in your house, but just because you go to CVS a lot doesn't make it a safe place for your iPhone.
Whether the security delay has kicked in or not, though, you won't have the option to punch in your passcode if Face ID or Touch ID fails. You will have the option to try again later if your scan doesn't work (say you forgot to take off your sunglasses), but bad actors will find their efforts to be in vain (unless they have also stolen your face).
How to enable Stolen Device Protection on iPhone
To get started, you'll need to be running iOS 17.3 or newer. Once updated, open Settings > Face ID & Passcode. Punch in your passcode, then scroll down and hit Turn On Protection. That's it! Stolen Device Protection will activate, and you'll be protected going forward.
If you don't want the feature on going forward, you can return to this page to disable it. However, remember that one-hour delay will kicks in when you try to turn the feature off when you're in an unfamiliar location, so maybe wait until you're back home or at your favorite CVS.
from LifeHacker https://ift.tt/oJBHUbV
https://ift.tt/q0z4thE