iPhone's passcode is a big security flaw on iOS
Read in other languages:
Despite how security on iOS has evolved and improved over the years, thieves have still found a way to circumvent these new measures that were introduced by Apple. A new report revealed that iPhone users are becoming valuable targets because of how easy it is to uncover sensitive data like online bank access just by knowing the passcode.
A recent report by WSJ indicated that thieves are turning to clever ways not only to steal iPhones but also the data stored within the device. For example, new cases in Brazil showed that crime groups obtained passcodes from users simply by intimidating or assaulting them. There is also an instance where they record a victim typing his/her password before stealing the iPhone.
How an iPhone passcode can put you at risk
Once thieves have the necessary hardware and correct passcode, there are several ways they negate the security measures such as Touch or Face ID before resetting the Apple ID password from the settings. It is also possible to change the recovery key or disable Apple's Find My tracking feature on iCloud.
But the worst could happen since they will also gain access to the iCloud Keychain where passwords of bank accounts, apps, and emails are stored. Consequently, they can transfer whatever balance from your Apple Cash or use Apple Pay in transactions as well.
Basic protective steps you can take
Apple has acknowledged that issue through a recent statement released and referred to these instances as rare occurrences. However, the Cupertino giant didn't provide any steps to counter this or whether they have plans to add improvements in the upcoming software update or on iOS 17.
Instead, WSJ's Stern suggested a few basic ways to protect yourself and your iPhone, like using Face ID or Touch ID authentication when in public. More importantly, it is recommended to use a separate password manager app and have a locked note with a different passcode from your lock screen.
How do you manage sensitive data on your phone? Do you use a third-party password manager? Tell us in the comments.