Do any of you think it’s a bad idea to activate the Erase Data function on your iPhone, if you 10 failed passcode attempts? It protects you in case you lose your iPhone or it’s stolen.
Home Theater
Entertainment & Streaming Content
Physical Media
Home Theater Equipment and Hardware
Other Diversions
Bargains and Classifieds
Home Theater Forum
iPhone Erase Data Activation (1 Viewer)
- Thread starter Robert Crawford
- Start date
titch
Senior HTF Member
- Joined
- Nov 7, 2012
- Messages
- 2,312
- Real Name
- Kevin Oppegaard
I back up my iPhone to my MacBook, so it's no problem for me to recover all the data stored on the phone.
I've got it turned on. I have iCloud backup. Loss of data is low. But nuisance factor would be high. I have mixed feelings about the feature. I'd probably be better off without it. But I do travel a fair bit. And I'm not prone to mistyping my code that many times.
But I think it depends on person and use. If you've got kids / grandkids that use your phone a lot, I wouldn't turn it on. If you're prone to mis-typing your passcode, likewise.
I've never heard of it being an actual protection against the graykey machines that FBI and such use, but I don't really know.
And this auto-delete feature is likely little or no protection against the threat du jour: people stealing your code by watching you type it in then stealing your iPhone and getting access to your account.
But I think it depends on person and use. If you've got kids / grandkids that use your phone a lot, I wouldn't turn it on. If you're prone to mis-typing your passcode, likewise.
I've never heard of it being an actual protection against the graykey machines that FBI and such use, but I don't really know.
And this auto-delete feature is likely little or no protection against the threat du jour: people stealing your code by watching you type it in then stealing your iPhone and getting access to your account.
Last edited:
I just leave it off myself. Not paranoid enough about having my phone (and its contents) stolen... at least so far. I think it's more of an issue if you actually keep rather sensitive data on it or readily accessible from it... particularly if it's a company/work phone... and then, you'd probably wanna turn on whatever strong encryption that Apple provides as well, which I haven't bothered digging into myself (so far)...
FWIW, if you lose your phone, you can generally use Find My Phone to erase it, if you can't recover it. Of course, that only works if your phone is (still) powered on w/ internet connection and isn't already hacked (w/ that feature disabled).
Maybe I might feel different someday if the likelihood of losing my phone or having it stolen (in particular) increases substantially for whatever reasons...
_Man_
FWIW, if you lose your phone, you can generally use Find My Phone to erase it, if you can't recover it. Of course, that only works if your phone is (still) powered on w/ internet connection and isn't already hacked (w/ that feature disabled).
Maybe I might feel different someday if the likelihood of losing my phone or having it stolen (in particular) increases substantially for whatever reasons...
_Man_
Honestly, I never even thought about it and have no idea whether or not it's enabled on my phone. Of course I'll check now but I can't imagine anyone actually thinking they can randomly guess an iPhone passcode. Sophisticated thieves will have already worked out a plan in advance. Either steal the code through "social engineering" means as Dave suggests or pass the phones on to professionals who have other uses for them.
Last edited:
Yeah, I'd think if they have the means and the will and interest at all, you'd probably have to be their kinda target for them to make that effort. As much of an ego some in my extended family might ascribe to me, really don't believe I'm interesting enough for that, LOL...
_Man_
_Man_
One thing: a thief can't just disable Find My Phone w/out also hacking your Apple ID used for the phone, so it isn't just as simple as hacking the passcode on your phone to disable that.
_Man_
_Man_
What prompted my question is the following videos I recently watched.
Ok, that does suck... and sounds like a loophole Apple needs to close.
I wonder when that loophole (w/ the recovery key) was introduced.
Also, as I think about it a little more, if the thief already hacked your passcode, they likely can fairly quickly change the password of your associated Apple ID because of the similar/related loophole w/ 2-way authentication and trusted phones (for password recovery/change).
Guess for now, we should probably all at least turn on that Contents & Privacy Restrictions --> Accounts Changes setting under Screen Time for an extra level of security against this loophole... although that probably still won't be nearly enough for fairly sophisticated thieves, especially given that just uses a 4-digit passcode. I've turned this on for phones of certain (far) less tech-savvy family members (for their own protection) before, and unfortunately, it's also a tad cumbersome to keep enabled as it locks you out of the entire Apple ID/account section of the phone, not just the Password & Security subsection of concern, and requires you to disable it (under that Screen Time sub-layer) to have access again (and then, you'd have to reenable again, LOL, if you want that extra security) -- not sure why Apple doesn't just immediately ask for the Screen Time passcode to allow temporary access to the Apple ID/account section.
_Man_
I wonder when that loophole (w/ the recovery key) was introduced.
Also, as I think about it a little more, if the thief already hacked your passcode, they likely can fairly quickly change the password of your associated Apple ID because of the similar/related loophole w/ 2-way authentication and trusted phones (for password recovery/change).
Guess for now, we should probably all at least turn on that Contents & Privacy Restrictions --> Accounts Changes setting under Screen Time for an extra level of security against this loophole... although that probably still won't be nearly enough for fairly sophisticated thieves, especially given that just uses a 4-digit passcode. I've turned this on for phones of certain (far) less tech-savvy family members (for their own protection) before, and unfortunately, it's also a tad cumbersome to keep enabled as it locks you out of the entire Apple ID/account section of the phone, not just the Password & Security subsection of concern, and requires you to disable it (under that Screen Time sub-layer) to have access again (and then, you'd have to reenable again, LOL, if you want that extra security) -- not sure why Apple doesn't just immediately ask for the Screen Time passcode to allow temporary access to the Apple ID/account section.
_Man_
If someone has your PIN and your iPhone, they have everything. (As the WSJ originally reported.)
Always been. Intentional design choice by Apple. Balance of security and risk to people from forgetting their password. There's been a lot of discussion on this the past month or two since the WSJ report came out.
If a thief shoulder surfs and manages to both steal your passcode as well as your iPhone, they can change your Apple ID password from your phone in a few seconds without hacking or knowing your current Apple ID password.
Last edited:
I think Gruber addressed this on his latest Talk Show.
To address your last statement, Man, there are those of us who don’t use the Screen Time feature.
To me, the best defense for this is to rely on Face ID. If you hard lock your iPhone and it requires your passcode to unlock, excuse yourself to the restroom where you can find a second of privacy to enter your passcode to unlock it. Also, using at least a 6 digit (or longer) numeric passcode defends slightly better against the shoulder surfer attack because the numbers-only keypad doesn’t spring up the numbers in plain view when touched like the alphanumeric keyboard does. Of course, I’m also past the point of having any interest in going to night clubs where this is more likely to happen.
To me, the best defense for this is to rely on Face ID. If you hard lock your iPhone and it requires your passcode to unlock, excuse yourself to the restroom where you can find a second of privacy to enter your passcode to unlock it. Also, using at least a 6 digit (or longer) numeric passcode defends slightly better against the shoulder surfer attack because the numbers-only keypad doesn’t spring up the numbers in plain view when touched like the alphanumeric keyboard does. Of course, I’m also past the point of having any interest in going to night clubs where this is more likely to happen.
Yeah, actually, it's most likely not a real issue for me either nowadays... because I'm also past the "night clubs" thing, not that I ever did that (outside of a handful not-particularly-pro, freelance photo gigs I took back nearly a couple decades ago, LOL)... 
plus there's simply far fewer occasions/opps for concern (at least) in my case in this nearly-post-pandemic reality now...
Still, maybe I'll eventually acquiesce to using FaceID, especially if I find myself ramping up Apple Pay usage... though the recent change to bypass need for authentication to use for NYC mass transit has alleviated one such nuisance for me.
_Man_
plus there's simply far fewer occasions/opps for concern (at least) in my case in this nearly-post-pandemic reality now...Still, maybe I'll eventually acquiesce to using FaceID, especially if I find myself ramping up Apple Pay usage... though the recent change to bypass need for authentication to use for NYC mass transit has alleviated one such nuisance for me.
_Man_
Similar threads
