In case you didn’t know, there’s a nifty security feature baked right into your iPhone account. It is called a “recovery key,” which, as the name suggests, lets you reset your password and regain access to your Apple ID. Well, iPhone thieves are targeting this security feature to lock users out of their own smartphones!
At the core, the recovery key for your iPhone account is a randomly generated 28-character code. Apple designed it to make your Apple ID more secure. However, if you were to use it, you would need to have access to your device and the recovery key itself. When any of these two is lost, you could get permanently locked out!
How Thieves Are Exploiting iPhone Account Recovery Keys
Basically, when you activate the recovery key feature for your iPhone account, your Apple ID disables the “account recovery” option. That means you will not be able to access your Apple ID without having the recovery key. Apple previously advised users to keep a copy only with a family member or members they trust.
Once it gets into bad hands, your iPhone account and Apple device will be permanently locked out. Wondering how thieves are getting access to the recovery key? Well, they are not actually using the recovery key. Instead, they are watching the potential targets enter their lock screen passcodes before snatching their devices.
With the known lock screen password, thieves are getting into the stolen devices and switching on the recovery key feature if it has not been activated yet. And if a recovery key is already activated, they are generating a new one. In both cases, the “account recovery” option of the iPhone account deactivates.
That eventually makes the original owners get locked out of their Apple ID. And the worse part is that you can not do anything about it. Not even Apple can help you out in this case. At least, that is what two of the victims reported. One of them even lost $10,000 from her account after her iPhone account got into the wrong hands.
Gizchina News of the week
Another victim reported that their Apple ID was charged for a $1,633 iPad after a thief swapped out his iPhone with a fake one. He did not even realize that his iPhone account was breached before the event.
Apple’s Response
In response to these events, an Apple representative came forward with a response. The representative told The Journal that Apple has been working “tirelessly every day to protect our users’ accounts and data.” In addition, the representative assured that Apple is investigating the matter to offer additional protections to tackle these types of threats.
How to Protect Your iPhone Account from Thieves
There are a few security measures that you can take to protect your Apple ID. For example, you should turn on Face ID or Touch ID on your phone and primarily rely on it to sign into your device in public. Additionally, you should use long alphanumeric passwords.
You can add an additional layer of protection on your phone to strengthen your Apple ID through the Screen Time Password. The only downside to this is that you will need to enter the Screen Time Password every time you make any modifications to your account.
Wondering how can you add the Screen Time Password on your iPhone? The steps are outlined below:
- Head over to the settings app of your iPhone and click Screen Time
- Scroll down and set a passcode
- Click on Content & Privacy Restrictions and keep the Content & Privacy Restrictions toggle on
- Head to Allow Chances, click on Account Changes, and click Don’t Allow