Dave
Member
"It's tough to make predictions, especially about the future." Yogi Berra
Posts: 4,103
|
Post by Dave on Feb 24, 2023 13:38:13 GMT -8
|
|
Dave
Member
"It's tough to make predictions, especially about the future." Yogi Berra
Posts: 4,103
|
Post by Dave on Feb 24, 2023 16:58:07 GMT -8
|
|
Dave
Member
"It's tough to make predictions, especially about the future." Yogi Berra
Posts: 4,103
|
Post by Dave on Feb 24, 2023 17:14:03 GMT -8
|
|
Dave
Member
"It's tough to make predictions, especially about the future." Yogi Berra
Posts: 4,103
|
Post by Dave on Feb 25, 2023 9:52:44 GMT -8
|
|
|
Post by deasys on Feb 25, 2023 13:27:11 GMT -8
Yes, in much the same way as people whose house keys are stolen have a problem. (The solution is don't let anyone steal your iPhone or look over your shoulder while you key in your passcode. I like Stern but I don't like the clickbaiting headline or article.)
|
|
4aapl
Moderator
Posts: 3,632
|
Post by 4aapl on Feb 25, 2023 21:31:24 GMT -8
Yes, in much the same way as people whose house keys are stolen have a problem. (The solution is don't let anyone steal your iPhone or look over your shoulder while you key in your passcode. I like Stern but I don't like the clickbaiting headline or article.) House keys are such an inelegant solution. It's just enough to keep out riff-raf, while making people feel secure that just don't know otherwise. There's lots of locks out there that are just trivial to pick or bypass. Locks often used in a cube-farm are amazingly easy to pick with a paperclip, or just jiggling a key. But then there is the brute-force method too, where many that had an older car stolen at some point can understand a missing lock cylinder. Security is different if you are talking a high value target. For most of us, a 4 digit passcode, no matter how easy, is plenty. It's not great to be on the top 10 or 20 most common passcode list. OTOH, part of security is physical access of the device. Don't lose control of it, and it doesn't even need a passcode. Apple's preference towards 6 digit passcodes in general is a good thing. But giving additional levels, for those that want or need it, is important too.
|
|
bud777
fire starter
Posts: 1,352
|
Post by bud777 on Feb 26, 2023 6:23:15 GMT -8
|
|
4aapl
Moderator
Posts: 3,632
|
Post by 4aapl on Feb 26, 2023 15:45:24 GMT -8
www.ped30.com/2023/02/24/apple-passcode-problem-wsj/Yes, in much the same way as people whose house keys are stolen have a problem. (The solution is don't let anyone steal your iPhone or look over your shoulder while you key in your passcode. I like Stern but I don't like the clickbaiting headline or article.) ... Security is different if you are talking a high value target. For most of us, a 4 digit passcode, no matter how easy, is plenty. It's not great to be on the top 10 or 20 most common passcode list. OTOH, part of security is physical access of the device. Don't lose control of it, and it doesn't even need a passcode. Apple's preference towards 6 digit passcodes in general is a good thing. But giving additional levels, for those that want or need it, is important too. Sorry, I hadn't watched the video yesterday, but did today after reading two other articles on this problem. I don't like watching video stories, but this was worth the 7 or 9 minutes. Basically, the problem is that Apple makes things too easy by tying in together multiple things, which can allow a whole lot of things if someone gets your iPhone and passcode. Which they were doing here, often at bars, by watching you put it in a few times, before they stole it. One solution is using FaceID or TouchID to log in. This isn't always possible, due to the characteristics of each. FWIW, on a ski slope I always have to put in a passcode, since FaceID doesn't like goggles (TouchID doesn't like wet or dry/cold fingers.) Another that they also point out is to de-link things. Don't have your iPhone remember the login to your bank. It was interesting to be reminded to not has pictures of your IDs and such on there, or to put those behind a different passcode. People who have traveled are often told to have photos of things like IDs and credit cards. Once the thief has your passcode and phone, they change it right away, and it sounds like change your AppleID password (I just tried this on mine, and it still wants the current AppleID password to change it, though maybe it is possible with further steps including the Forgot Password link). That stops FindMyIphone from working too. And then they have anything in the cloud too. (EDIT: That's strange. At 4:24, she is changing the AppleID password without being asked for the old one. On mine, it asks for the old one. A few seconds earlier, it looks like all the settings are the same ones that I have. I am running iOS 16.3.1. Maybe this is a change, or maybe I have a setting somewhere else that is changing this. I'm not going to look anymore right now, but if you are curious, follow her steps and see if it asks for the old password, which seems pretty intuitive.) Apple could help with this by letting a secondary passcode be setup to login, similar to a guest login. They'd have to think about what security is needed for what things. Another is something I heard they already have, of not needing to login if you also have an Apple Watch on you that hasn't been removed. Another would be to put a delay on things like turning off FindMyiPhone or changing the AppleID password. A 10-30 minute delay could change things greatly. The woman in the video said she lost years of photos/memories. Like anything on a computer, having a backup, and ideally a secondary backup, is huge. If once a year you made a secondary backup to a HD or jump drive, you'd at least have that. This, of targeted iPhone stealing after they watch you put in your passcode, is a problem. It does make sense to at least know it's an issue, so you can have that in mind when deciding to save your bank account info or whatnot. Or like it said, maybe you decide to use a 3rd party password manager, which then makes it easier to separate out the tasks, and to use a separate passcode for that.
|
|