easthighNerd/Website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7e7196f3abfc32f1fb21686667ecfb58954f3b9a
Website/blog/2023/11/secure-apple-id-against-iphone-theft/index.html

197 lines
9.2 KiB
HTML
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>
[ Secure Apple ID Against iPhone Theft | easthighNerd ]
</title>
<link href="/res/css/default.css" rel="stylesheet">
<link href="/res/img/favicon.gif" rel="icon" type="image/gif">
<link rel="me" href="https://raru.re/@easthighNerd">
</head>
<body class="window">
<div class="window_bar">
<p>
Secure Apple ID Against iPhone Theft
</p>
<a href="/home/" class="close_button">
<img src="/res/img/close.png" width="48px" height="48px" alt="Close button">
</a>
<a href="/blog/" class="back_button">
<img src="/res/img/back.png" width="23px" height="23px" alt="Back button">
</a>
<div class="explorer_bar_top">
<img src="/res/img/explorer-bar.jpg" width="100%" height="88px">
<p>
https://www.easthighnerd.net/
</p>
</div>
</div>
<div class="window_content">
<h1 id="secure-apple-id-against-iphone-theft">Secure Apple ID Against
iPhone Theft</h1>
<p>After acquiring my first iPhone, I stumbled across a video on YouTube
by The Wall Street Journal (WSJ) <a href="#sources">[1]</a> about how
thieves are steeling peoples iPhones and, with just the victim's
passcode, completely and permanently locking victims out of their Apple
account (also detailed in another video <a href="#sources">[2]</a> by
the WSJ)</p>
<p>Both videos <a href="#sources">[1]</a><a href="#sources">[2]</a>, as
well as a video by Techlore <a href="#sources">[3]</a> made (at least
seemingly) in response to the WSJ's reporting, provide some guidance on
what you can do to help protect yourself against something like his
happening</p>
<p>In this blog post of mine, I'm really just gonna be outlining in a
readable format, what was suggested by both the WSJ <a
href="#sources">[1]</a><a href="#sources">[2]</a> and Techlore <a
href="#sources">[3]</a> on what can be done to help protect against
something like this happening to you if your iPhone does get stolen</p>
<h2 id="use-a-privacy-screen-protector">Use a Privacy Screen
Protector</h2>
<p>This one's kind of a low hanging fruit, but something as simple as
using a privacy screen protector can help, simply because one won't be
able to see what is on your screen if viewing your device from the
side</p>
<p>I got myself <a href="https://www.amazon.com/dp/B0CCYM3S2L/">this
one</a> off of Amazon, which seems to be a somewhat popular brand of
screen protectors for iPhone (they have both normal and privacy screen
protectors for iPhone form at least the XR up to the 15 series)</p>
<h2 id="use-longer-more-complex-passcodes">Use Longer, More Complex
Passcodes</h2>
<p>Using a complex passcode goes a long way, especially if it's an
alpha-numeric passcode (where both numbers and letters are used)</p>
<p>Something like <code>[111111]</code> or <code>[123456]</code> is
pretty easy to guess, but having a passcode like <code>[727873]</code>,
or even better, something like
<code>[I 4m 7h3 m057 1337 h4x0r 3v3r!]</code> will improve the security
of your device</p>
<p>And if typing out something like the alpha-numeric passcode I made up
above every time you want to unlock your phone seems like a gigantic
pain in the rear, you always have the option to</p>
<h2 id="use-biometric-unlock-options">Use Biometric Unlock Options</h2>
<p>Setting up either Face ID (on iPhone X and newer) or Touch ID (on
iPhone 5-8, and iPhone SE (up to at least Gen II)), in combination with
a strong passcode, will secure your device even further</p>
<p>With biometric unlocking, i.e. via Face ID, you won't need to enter
your passcode every time you want to unlock your device, so you won't be
inconvenienced by having a strong passcode, and the more you use it, the
less likely a potential thief will be able to discover your iPhone's
passcode</p>
<h2 id="create-a-recovery-key">Create a Recovery Key</h2>
<p>One of the things the aforementioned videos <a
href="#sources">[1]</a><a href="#sources">[2]</a> thieves do is they
create a recovery key for your Apple ID, which prevents you from using
other account recovery options, and Apple from being able to do anything
to help you per their own guidelines</p>
<p>So with that in mind, I STRONGLY recommend creating one yourself as
soon as possible, even without concern for this type of thing happening,
and storing it in someplace safe THAT IS NOT ON YOUR IPHONE</p>
<p>Plus, as explained in the Techlore video <a href="#sources">[3]</a>,
this is a required step for enabling iCloud Advance Data Protection
anyways, so if that's something that you have an interest in doing at
some point, you'll already be ahead of the game there</p>
<p>To do this:</p>
<ul>
<li>1: Open [Settings]</li>
<li>2: Tap on your Apple ID at the top of the Settings app</li>
<li>3: Tap [Sign-In &amp; Security]</li>
<li>4: Tap [Account Recovery]</li>
<li>5: Tap [Recovery Key]</li>
<li>6: Enable [Recovery Key]</li>
</ul>
<p>It will then display a recovery key, which you'll want to jot down,
as the next screen will have you input it</p>
<p>Remember to store it somewhere safe, and off of your iPhone, lest you
may be screwed in the future</p>
<p>Here's the link to
<a href="https://support.apple.com/en-us/HT208072/" class="external_link" target="_blank">Apple's
support page</a> regarding setting up a recovery key, should you wish to
view it</p>
<h2
id="use-screen-time-to-prevent-changing-your-passcode-or-apple-id-password">Use
Screen Time to Prevent Changing Your Passcode or Apple ID Password</h2>
<p>As outlined in Techlore's video <a href="#sources">[3]</a>, and
mentioned in one of WSJ's videos about this attack <a
href="#sources">[2]</a>, you can make use of the Screen Time feature of
the iPhone to lockdown the ability to change the device's passcode, as
well as your Apple ID's password</p>
<p>To do this:</p>
<ul>
<li>1: Open [Settings]</li>
<li>2: Tap [Screen Time]</li>
<li>3: Tap [Content &amp; Privacy Restrictions]</li>
<li>4: Enable [Content &amp; Privacy Restrictions]</li>
<li>5: Tap [Passcode Changes]</li>
<li>6: Tap [Don't Allow]</li>
<li>7: Tap [&lt; Back]</li>
<li>8: Tap [Account Changes]</li>
<li>9: Tap [Don't Allow]</li>
<li>10: Go back to the [Screen Time] section</li>
<li>11: Tap [Change Screen Time Passcode]</li>
</ul>
<p>From there, it will have you set a four (4) digit passcode which will
be required to make any changes to anything under [Content &amp; Privacy
Restrictions]</p>
<p>When you are creating this passcode, be sure that you DO NOT MAKE IT
THE SAME OR SIMILAR TO YOUR DEVICE'S PASSCODE</p>
<h2 id="use-a-password-manager-other-than-icloud-keychain">Use a
Password Manager Other than iCloud Keychain</h2>
<p>First off, if you're using a password manager, congratulations!</p>
<p>However, if you're using one properly, and that one is the one built
into iCloud Keychain, then if you are locked out of your Apple ID,
you're kinda screwed</p>
<p>What I would suggest, as well as what Techlore suggested <a
href="#sources">[3]</a>, is to use a separate password manager</p>
<p>My personal recommendation would be
<a href="https://bitwarden.com/" class="external_link" target="_blank">Bitwarden</a></p>
<p>The Bitwarden app in iPhone can be used as your default autofill
service, and can be unlocked via biometric, so you won't have to type in
you (STRONG) master password every time you wish to access it</p>
<p>As a plus, if you have Face ID unlock for Bitwarden turned on, it
will mandate the vault's master password to unlock it if Face ID can't
unlock it (y'know, like, if someone steals your iPhone)</p>
<h2 id="wrapping-up">Wrapping Up</h2>
<p>That's about all I've got for this one folks</p>
<p>Some other things that were mentioned between the three videos <a
href="#sources">[1]</a><a href="#sources">[2]</a><a
href="#sources">[3]</a> were things like</p>
<ul>
<li>Using separate passcodes for sensitive apps (i.e. banking apps) when
able, that are different and unrelated to your device's</li>
<li>Not storing photos of sensitive documents (i.e. driver's license,
tax documents) on your mobile device</li>
<li>Not storing banking passwords a password manager (I do see this as a
major plus for overall security, however I personally find it to be too
big of a hit to convenience, so you do you on this one)</li>
</ul>
<h3 id="sources">Sources</h3>
<ol type="1">
<li><a href="https://www.youtube.com/watch?v=QUYODQB_2wQ/" target="_blank" class="external_link">(YouTube)
Apples iPhone Passcode Problem: Thieves Can Ruin Your Entire Digital
Life in Minutes | WSJ</a></li>
<li><a href="https://www.youtube.com/watch?v=KlQFyVF8oW0/" target="_blank" class="external_link">(YouTube)
How to Prevent iPhone Thieves From Stealing Your Apple IDAnd Your Money
| WSJ Tech News Briefing</a></li>
<li><a href="https://www.youtube.com/watch?v=25wG173PL3U/" target="_blank" class="external_link">(YouTube)
Stop iPhone Data Thefts Now!</a></li>
</ol>
<!-- Source links -->
<hr>
<p>
<img src="/res/img/badges/by-sa.svg" class="cc_badge">
<br>
CC BY-SA 4.0
</p>
<p>
This work is licensed under a <a href="https://creativecommons.org/licenses/by-sa/4.0/" class="external_link" target="_blank">Creative Commons Attribution-ShareAlike 4.0 International License</a>
</p>
</div>
<div class="explorer_bar_bottom">
<img src="/res/img/explorer-bar-bottom.jpg" width="100%" height="23px">
<p>
https://www.easthighnerd.net/
</p>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink