It’s terrible to lose your iPhone. It’s traumatic to lose everything you’ve ever stored digitally, from photos to money. The latter is, sadly, far more common. Journalist Joanna Stern recently published an article in The Wall Street Journal detailing the widespread theft of iPhones and the sensitive information contained within them in major cities like New York. The innocent-looking passcode on the iPhone is to blame.
Your iPhone’s Passcode Can Be Used Against You
Although your passcode protects your iPhone and its data, it has too many security flaws to be considered foolproof. If a thief manages to guess the six-digit code displayed on your Lock Screen, they’ve already won. Because of this, it is frequently attacked by criminals in cities all over the world. It’s simple to see over someone’s shoulder, but organised criminals have developed routines to capture passwords with pinpoint accuracy, with one person assigned to record others as they enter the passcode into their phones for later use.
The passcode you set protects some very private information on your iPhone. Theft of an iOS device leaves the user vulnerable to having their iCloud account compromised in a matter of minutes if the thief is able to record their passcode input. (Here’s how you can verify this for yourself: To modify the password for your Apple ID, open the iPhone’s Settings app and tap on your name. You’ll only need to enter your passcode into your phone once more before you can begin the iCloud password reset process. Yikes.)
It’s smooth sailing for the thieves from there on out. They can disable Find My tracking, which will lock you out of all of your Apple devices, and remove other gadgets from the Find My network. You not only can’t use your Mac or iPad, but you’ve also lost your iPhone. They also changed your password, so you can’t access your account to fix the issue there.
Even if you use Face ID to unlock your phone, you’ll still need a passcode to access any sensitive apps on your phone. Money transfer and banking apps like Venmo, Apple Pay, Coinbase, and others are included in this category. In these robberies, victims are losing more than just their devices and data; they are also losing hard-earned cash. This is very concerning, and at the moment Apple has no adequate response. However, there are a couple of things you can do immediately to safeguard yourself.
Use an Alphanumeric Password on Your iPhone
A stronger passcode should be your first step. Attempt a new, more secure password that is longer and contains both letters and numbers as well as symbols. You’ll find Passcode Options within the Face ID & Passcode submenu of the Settings app. Even though it’s more difficult for someone to see you enter the code over your shoulder, this method is far more secure than a simple numeric passcode. You’ll only have to go through the hassle of entering it occasionally, as Face ID and Touch ID will still be your primary methods of authentication.
Don’t let anyone See Your iPhone’s Password
Think of this new code as you would your bank’s PIN. If you must enter your passcode on your iPhone in a public place, like a bar or a crowded train, it is recommended that you shield the screen from prying eyes. Always keep in mind that this password is the key to unlocking your entire iPhone.
Mind Your Password Managers
Using a password manager is a great option for keeping all of your complex passwords in one safe place. However, a password manager should be avoided at all costs when accessing financial apps. The Wall Street Journal states that thefts occurred because thieves gained access to cloud-stored banking credentials. The hacker could easily autofill the password and gain access, or they could use your passcode to unlock the enter keychain.
Using a password manager is obviously much more convenient than trying to keep track of all your different account passwords. Use a third-party password manager like 1Password or Bitwarden, both of which require a unique master password, if you want to use one for your financial apps. With that measure in place, a thief who gains access to your phone will be unable to view your financial passwords even if they know your passcode.
Use an Authentication App Rather Than SMS-Based 2FA
If your banking app supports 2FA, you should always use it. If 2FA is supported, you should always use a dedicated authenticator app rather than a method that relies on text messages. A thief who steals your iPhone will also have access to any SMS-delivered 2FA codes. Instead of using your iCloud password to access the app, you should look into alternatives like Aegis or Raivo that provide their own password protection. The authenticator app, like the third-party password manager, is secure so long as the master password is used. They can’t access your bank account even if they know your password.
Don’t Keep Pictures of Your Financial Information on Your I Phone
Finally, you should go through your photo album and notes and remove any references to your credit cards, bank details, social security number, or identification documents. The bad guys only need a scanned copy of your credit card to cause havoc with your bank account.