Bad news folks: iPhone thefts are on the rise. Not only that, but a new report by The Wall Street Journal (WSJ) suggests thieves are using Apple’s recovery key system to lock users out of their Apple accounts for good.
In particular, astute criminals generate new 28-character recovery codes – after gaining access to stolen iPhones by spying on lock screen passwords – to hijack users’ Apple IDs. According to Apple’s security guidelines, generating a new recovery key means you “may be permanently locked out of your account,” and thieves use the vulnerability to stack purchases on stolen iPhones while users try to cancel their bank cards.
Fortunately, there are steps you can take to better protect yourself from the consequences of iPhone theft, and in this article, we highlight three simple settings you should consider activating now (as first explained in WSJ (opens in a new tab)).
1. Set up a custom alphanumeric code
First: you should always use Face ID if your iPhone complies with this biometric security feature (for those who don’t know, every iPhone released after iPhone X – apart from iPhone SE listings – has Face ID features). Despite their best efforts, thieves can’t copy your facial identity, and using Face ID as your primary unlocking method means they won’t be able to spy on your password either.
However, if you must enter a password, make sure you choose an alphanumeric code. Four- or even six-digit numeric codes are easy to remember, but alphanumeric codes combine numbers and letters to Really check the memory of thieves.
iPhone passcodes are numeric by default, so to enable an alphanumeric passcode, go to Settings, tap Face ID & Passcode, enter your current access code AND scroll down to Change Password. Here you will be asked for it verify your old passcode once again then tap Passcode Options Down access the custom alphanumeric keypad.
2. Use a Screen Time passcode to restrict Apple ID access
Okay, we admit it: This next trick will likely cause a headache in the short term, but the long term payoff could be protecting your Apple ID.
As the WSJ notes, you can use a Screen Time passcode to add one extra layer of security to your Apple ID. It’s annoying that you’ll have to enter your screen passcode every time you want to make innocent changes to your Apple ID, but it’s a worthy sacrifice for such a helpful temporary break feature in our book.
To enable a Screen Time passcode for your Apple ID, go to Settings AND tap Screen TimeThen tap Use Screen Time Passcode. Set a password then to choose from enter your Apple ID credentials so you can recover your screen time passcode if you forget it.
Next, go to Content and Privacy RestrictionsThen turn on Content & Privacy Restrictions. Scroll down to the Allow changes menuAND switch the Account Changes slider to Don’t Allow. For another layer of security, you can also block passcode changes at this stage, which will remove the Face ID menu and passcode from the Settings app.
Update: After this article was first published, former university professor Scott Springman emailed out that a thief knowing the password could disable Find My Phone without even being able to access a screen time locked account (quick search “Find” in Settings and Find My phone can be turned off).
To prevent this from happening, Springman notes, you can turn off location services in your phone’s screen time privacy settings. Of course, this means you’ll have to disable the lock temporarily if a new app needs access to the location service, but it’s reassuring to know you can protect yourself against this additional vulnerability.
3. Disable access to the Control Center on the lock screen
Again, this change may take some time if you’re someone who regularly accesses the Control Center without going into the actual iPhone, but disabling Control Center access on the lock screen will stop thieves from activating Airplane Mode.
Why is it important? Well, in case someone steals your phone but doesn’t know your password, you can use Find My iPhone to track its location from another iOS device (see our dedicated guide on using Find My iPhone if you haven’t already set up Apple tracking software on your device). However, if the thief in question activates Airplane Mode, your iPhone cannot be tracked using Find My iPhone.
Disabling access to the Control Center on the lock screen therefore means you can literally track the movements of an unsuspecting looter – and more importantly, the location of a stolen iPhone.
To make this change, go to Settings AND tap the Face ID & Passcode menu. Enter your iPhone passcodeThen scroll down to the Allow access when blocked menu. Here, disable Control Center (it is enabled by default).