Apple Responds to Report About Thieves Permanently Locking Out iPhone Users

by

The Wall Street Journal's Nicole Nguyen and Joanna Stern today published a report highlighting how thieves can use Apple's optional recovery key security option to permanently lock out iPhone users from their Apple ID account.

iphone passcode green
As the journalists first revealed in February, there have been increasing instances of thieves spying on an iPhone user's passcode in public and then stealing the device in order to gain widespread access to the device and its contents, including financial apps. All of the victims interviewed in the initial report said their iPhones were stolen while they were out socializing at bars and other public places at night.

With knowledge of the iPhone's passcode, a thief can easily reset the victim's Apple ID password in the Settings app, even if Face ID or Touch ID is enabled. Subsequently, the thief can turn off Find My iPhone on the device, preventing the owner of the device from tracking its location or remotely erasing the device via iCloud.

Today's report places more focus on an additional step that thieves can take: using the stolen device to set or reset a recovery key, a randomly generated 28-character code that is required to regain access to an Apple ID once enabled.


"Apple's policy gives users virtually no way back into their accounts without that recovery key," the report states. With unmitigated access to a stolen iPhone, the device's passcode, and the Apple ID password, thieves can steal money via Apple Pay and potentially other banking apps, view sensitive information like photos and emails, and more.

Apple's website does warn that losing access to both your trusted devices and recovery key means that "you could be locked out of your account permanently." In this scenario, however, thieves spying on iPhone passcodes before stealing the devices means that victims only need to lose their device in order to potentially be permanently locked out. The report serves as a valuable reminder to protect your iPhone's passcode in public.

For more details, read our previous coverage.

Apple Responds

In a statement shared in response to the report, Apple said it is "always investigating additional protections against emerging threats like this one."

"We sympathize with people who have had this experience and we take all attacks on our users very seriously, no matter how rare," an Apple spokesperson told The Wall Street Journal. "We work tirelessly every day to protect our users' accounts and data, and are always investigating additional protections against emerging threats like this one."

How to Stay Protected

iPhone users should use Face ID or Touch ID as much as possible when in public to prevent thieves from spying on their passcode. In situations where entering the passcode is necessary, users can hold their hands over their screen to hide passcode entry.

The report also recommends that users switch from a four-digit passcode to an alphanumeric passcode, which would be more difficult for thieves to spy on. This can be done in the Settings app under Face ID & Passcode → Change Passcode.

To protect a bank account, consider storing the password in a password manager that does not involve the device's passcode, such as 1Password.

Users can enable Screen Time parental controls to further lock down their device, the report adds.

Popular Stories

AirPods Pro 3 Mock Feature

AirPods Pro 3 Just Months Away – Here's What We Know

Friday April 18, 2025 5:16 am PDT by
Despite being more than two years old, Apple's AirPods Pro 2 still dominate the premium wireless‑earbud space, thanks to a potent mix of top‑tier audio, class‑leading noise cancellation, and Apple's habit of delivering major new features through software updates. With AirPods Pro 3 widely expected to arrive in 2025, prospective buyers now face a familiar dilemma: snap up the proven...
Read Full Article96 comments
iphone 16 pro models 1

17 Reasons to Wait for the iPhone 17

Thursday April 17, 2025 4:12 am PDT by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models simultaneously, which is why we often get rumored features months ahead of launch. The iPhone 17 series is no different, and we already have a good idea of what to expect from Apple's 2025 smartphone lineup. If you skipped the iPhone...
Read Full Article106 comments
Beyond iPhone 13 Better Triad

Apple's 20th Anniversary iPhone May Finally Go All Screen

Tuesday April 15, 2025 6:31 am PDT by
Apple is preparing a "bold" new iPhone Pro model for the iPhone's 20th anniversary in 2027, according to Bloomberg's Mark Gurman. As part of what's being described as a "major shake-up," Apple is said to be developing a design that makes more extensive use of glass – and this could point directly to the display itself. Here's the case for Apple releasing a truly all-screen iPhone with no...
Read Full Article88 comments
maxresdefault

iPhone 17 Pro Launching Later This Year With These 12 New Features

Sunday April 13, 2025 7:52 am PDT by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. Subscribe to the MacRumors YouTube channel for more videos. Below, we recap key changes rumored for the iPhone 17 Pro models as of April 2025: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and ...
Read Full Article143 comments
CarPlay Hero

Apple Releases Wireless CarPlay Fix

Wednesday April 16, 2025 11:28 am PDT by
If you have been experiencing issues with wireless CarPlay in your vehicle lately, it was likely due to a software bug that has now been fixed. Apple released iOS 18.4.1 today, and the update's release notes say it "addresses a rare issue that prevents wireless CarPlay connection in certain vehicles." If wireless CarPlay was acting up for you, updating your iPhone to iOS 18.4.1 should...
Read Full Article86 comments
iOS 18

iOS 18.5 Includes Only a Few Changes So Far

Monday April 21, 2025 11:00 am PDT by
Apple seeded the third beta of iOS 18.5 to developers today, and so far the software update includes only a few minor changes. The changes are in the Mail and Settings apps. In the Mail app, you can now easily turn off contact photos directly within the app, by tapping on the circle with three dots in the top-right corner. In the Settings app, AppleCare+ coverage information is more...
Read Full Article87 comments
ipad air windows 11 arm

M2 iPad Air Runs Windows 11 ARM via Emulation, Thanks to EU Rules

Tuesday April 22, 2025 5:01 am PDT by
A developer has demonstrated Windows 11 ARM running on an M2 iPad Air using emulation, which has become much easier since the EU's Digital Markets Act (DMA) regulations came into effect. As spotted by Windows Latest, NTDev shared an instance of the emulation on social media and posted a video on YouTube (embedded below) demonstrating it in action. The achievement relies on new EU regulatory...
Read Full Article91 comments
top stories 2025 04 19

Top Stories: iPhone 17 Pro Rumors, CarPlay Bug Fix, and More

Saturday April 19, 2025 6:00 am PDT by
This week saw rumor updates on the iPhone 17 Pro and next-generation Vision Pro, while a minor iOS 18.4.1 update delivered not just security fixes but also a fix for some CarPlay issues. We also looked ahead at what else is in Apple's pipeline for the rest of 2025 and even the 20th-anniversary iPhone coming in 2027, so read on below for all the details on these stories and more! iPhone 17 ...
Read Full Article36 comments

Top Rated Comments

cgs1xx Avatar
cgs1xx
26 months ago
So, Apple’s response was “aahh… sympathies” ?
Score: 28 Votes (Like | Disagree)
bunty Avatar
bunty
26 months ago
So we're gonna have our 989 post conversation all over again? https://forums.macrumors.com/threads/apple-responds-to-report-about-thieves-spying-on-iphone-passcodes-to-steal-your-entire-digital-life.2381922/page-40

The point is the passcode to unlock an iPhone can also be used to access or recover anything that asks for your Apple ID password...if you forget or pretend to forget your Apple ID password. Try it. It's all covered in the other conversation thread.

The screentime passcode can be circumvented easily. https://forums.macrumors.com/threads/apple-responds-to-report-about-thieves-spying-on-iphone-passcodes-to-steal-your-entire-digital-life.2381922/page-38?post=32028392#post-32028392
Score: 27 Votes (Like | Disagree)
brandoman Avatar
brandoman
26 months ago
All one has to do is turn on Screen Time > Content & Privacy Restrictions > Passcode Changes > Don't Allow. Be sure to use a different passcode for Screen Time.

Oh, and Account Changes (Don't Allow). Thanks for that tip @ypl.

Score: 24 Votes (Like | Disagree)
RamGuy Avatar
RamGuy
26 months ago
Is this even the case anymore? When I try to disable Find My, I'm prompted for my Apple ID password, not my passcode. Same if I try to log out of iCloud, this requires me to disable Find My as a part of the process prompting me t verify with my password, not my passcode.

All of this is common sense. You can't expect a 4-digit passcode to be all that secure. If you feel paranoid, use an alphanumeric passcode, aka password, instead.
Score: 21 Votes (Like | Disagree)
ELman Avatar
ELman
26 months ago
Essentially, be responsible for the device you own. It's not our issue.
Score: 20 Votes (Like | Disagree)
zorinlynx Avatar
zorinlynx
26 months ago
This would be less of an issue if iOS didn't randomly fail to FaceID and ask for a passcode, often at the least convenient time.

I wish Apple would get this resolved.
Score: 19 Votes (Like | Disagree)
Read All Comments