I have over 20,000 photos on my iPhone that I have taken over the past few years. I feel for this man. I hope he gets his memories back :(

Excellent follow-up, Joanna and the WSJ team!

Props to the WSJ for shining the spotlight on this, hopefully it forces Apple to add some preventative measures in a software update and to create a process people affected by this can use to prove their identity and get the iCloud account back.

So basically, Apple's big fail here was the idea of relying on the iPhone's passcode for anything other than unlocking the iPhone itself. Resetting the Apple ID passcode or regenerating a recovery key should require at least two factors of authentication, neither of which is the iPhone's passcode. Also, when using Touch ID/Face ID to unlock apps within the iPhone, it should fallback to the app's log-in credentials if biometric authentication is not successful (instead of prompting to enter the iPhone's passcode).

Hi, you should also add the “Passcode Changes” to the list from screen time. If they have your passcode, they can also change your passcode. Without it, they can’t change it

Apple should require the Apple ID password when: Changing the pin, changing the password. Apple should require both Apple ID password and phone pin if: changing your recovery key. In my opinion though, once you create a recovery key, the only way to remove it or change it should be by providing the existing recovery key. If you forget it, then that's it, you'll never get it back. So it's not a feature for everyone.

Big issue, glad you guys are bringing the spotlight on it, changing my settings now

The suggested fix also introduces other exploitable loopholes unfortunately

lol why do they let you create a new recovery key without the old one?! They would be on firm footing if they said once you *choose* to create a recovery key it cannot be replaced. But letting people just erase and create a new one is ridiculous!

Your passcode can be a… - 4 digit pin - 6 digit pin for even more security - An alphanumeric pass phrase for even more security. There are even more enhanced security features such as hardware UBI KEY if you want but would you as the average consumer sacrifice the convenience?

That screen time settings can be trivially bypassed by going through the forgotten screen time passcode flow. Eventually, an attacker can get to a password reset screen, and there’s nothing you can do to prevent that. It is absolutely flawed and Apple needs to fix it.

The big issue here is really the ability to make such significant changes to your security without any stronger safeguards than the PIN. My 5 year old is able to remember PINs just after 2 demonstrations - its really not that hard finding someone's PIN. I can understand why Apple did this... but for people who live in the Apple ecosystem this is really quite worrying. Luckly for the android users, Google OS is just not polished enough for this to be a problem.

Great video thanks. Apple needs to protect their customers.

Joanna Stern is amazing. I love everything she does. A few years ago I got to meet other legends in the Technology industry like Nilay Patel, Dieter Bohn, and even the legendary Walt Mossberg. Was hoping Joanna would be at The event (it was the last CNTL WALT DLT podcast episode ) Hopefully I can meet Joanna one day and meet another huge legend.

Thanks, Joanna! The Screen Time lock tip has given me peace of mind.

It also depends on where you are as well. You have to be aware of your surroundings. Having a privacy screen protector so others can’t see what your doing on your phone as well as making sure you are in a safe environment before doing something on your phone. I know that we all like to think everyplace is ok but it isn’t

I’ve seen a comment on a previous KZbin video on how to make it harder for thieves to do this. You have to set a screen time passcode and then from there turn on the setting to prevent account changes so they can’t get into your iCloud account on your iPhone. You’ll also have to turn off of your email being accessed on the phone as well, because if you don’t and your email address on your phone is linked to your Apple ID they can just reset your Apple ID password. If they have the technical knowledge

I dunno. Feels like these issues aren’t so much Apple or general tech “loopholes.”We can’t sit back and rely on a device to protect our devices and memories; we have to be smart and proactive and protect them ourselves, too.

I have a physical security key linked to my Apple ID. This would circumvent that. The whole point is for it to be the most secure option, incredibly frustrating you can bypass all this security with a 6 digit number. I wish I could disable changing apple ID passwords with your phone.

Apple truly can't do anything once you add a recovery key. It's not that they don't want to or don't believe him; it's that his data is encrypted and locked, and not even Apple can unencrypt it to change the password without the recovery key.

Quite informative content. Better to be prepared before it actually happens.

Apple should do something about this as soon as possible!

Great video! Most consumers will never do it because they have no clue how to manage files or backups..... but a local backup is the only real solution for these types of scenarios. You can't rely on Apple as your only source for photos + videos. Reply

There are 4 different ways to control access and of course requiring a combination of them is the best. The 4 ways, of which only 3 of them are generally in use are 1) Something you know like your pin or password; 2) Something you have like a Yubkey; 3) Something you are like a retina scan or fingerprint or; 4) Something you can perform like playing a short musical number or juggling or whatever. I really think #4 should be used more as for example people have a typing cadence that is fairly unique and hard to duplicate. Obviously this can change in different situations but there could be simple ways like having a pattern you wave the phone (triangle, square, figure eight with a certain cadence) in as a way to enter the passcode which could be used.

So basically, a thief can only do this if they actually have ur first passcode and are able to use the phone

I think Apple should allow the users to create PASSWORDS for each app, I think that will make it harder for the thieves to get to our info.

WSJ is my fav media from the US.

This just happened to my roommate. His phone was stolen in NYC and the iCloud password was immediately changed. It seems Apple hasn't done enough to prevent this major flaw in their system.

Wait!! Can we use screen time to limit any sensitive apps too!!?

So enable FaceID, don’t use your passcode in public so the thieves can’t walk into your house and change the locks

How they know the original password?

4:12 shows how to prevent this. Great tip!

You’re a freaking awesome, Joanna! Thank you so much!

I think I’m one of the few that blocks access to my Apple ID account with a demand for passcode for any account changes. It’s very rare that I temporarily have to remove this lock myself to be able to access the Apple ID account settings. If the thieves can’t turn of the “find my iPhone” they rarely can reset and sell them. 1. This is set under screen time - content / privacy restrictions - account changes, and of course that is a a unique code, not the same as used for unlocking the phone. 2. You can also set passcode to “always required”. This will block 99% of the thieves, but 1% of them just sell the phone to specific countries where IMEI-lock and all the other protections is removed very easily. It’s a myth that IMEI-lock works globally.

This is why I make a backup of ALL my photos and videos on iCloud on January 1st, every year. Everything is duplicated on 3 USB keys, and placed in my home, my parent's home, and a bank safe deposit box. Never log into banks on the phone. Never use payment apps or phone chips to pay anything. There might be a slight convenience for storing everything on the phone, but not worth the potential cost and consequences of losing that phone.

Good job keep educating the new thieves and give the old thieves a heads up lol...

WSJ, always informative. Thank you for this.

@4:17 Very nice security workaround

Thanks so much for sharing on how to change the settings to prevent the takeover of iPhones! Much appreciated and I’ll definitely share this video.

Thank you for sharing the tip about the screen time passcode I would have never discovered that. But it is fairly effective once set. Apple need to do more to stop this issue

Thank you for making part 2❤

THANK YOU SO MUCH!!! Holy cow this world is getting crazy!! I left Samsung for Apple because of its security measures that it has which devices I really hope Apple fixes this, but thank you so much for this video I took the steps to safeguard my iPhone!! thank you again

How to protect from this on android/ Samsung s23 ?

It's situation they had in Lost in Space, when overseer Hastings took over control of doors and tried to override permissions and vent the airlocks.

The screentime passcode can also be bypassed easily if I remember correctly I saw one of the comments in your last video mentioning that.

every part of the iphone NEEDS to be locked behind face id AND a password. you should need both instead of one or another

Also u can connect a cable and brute force generated pin in few hours

Need Joannas take on the sideloading app feature coming to iOS 17 in the coming months. What is Apple doing to keep its ecosystem secure?

Loophole? More like negligence on the owner’s part.

Add Advanced Data Protection into the mix and you are well and truly up the creek without a paddle.

One of the worst feelings is getting your phone stolen. It’s like an intruder/stranger has violated your privacy

What people don’t understand is these keys are effectively and literally keys to their iCloud accounts, and no matter what shape or form of identification they offer Apple the latter will never be able to decrypt their iCloud access. It’s all programmatic, for the good of us the users and our privacy. One recommendation is to AVOID using their passcode in any public space or anywhere they may feel someone will see them. Treat them as if it were their ATM PIN, their iPhone passcode at this point is even more important.

Prior to 2FA you would have to enter your existing password to be able to access account settings. Clearly they need to bring this back.

SUPER HELPFUL! THANK YOUUU SO MUCH.. 10/10 as always Ms. Joanna

So don't lose your phone and the passcode at the same time.

leaving your digital property on the hands of third party is the price to pay here. there's a reason why some companies still insist on offline backup.

Really dangerous flaw, it's a bad mix of total convenience and over security.

Not aware if anyone mentioned, but for the potential solution; you can change the screen time pin with the apple id which would render that method useless.

Very important news. Thank u

I appreciate the heads up on this issue, and I agree that Apple can probably do more to prevent this problem. But - as I understand it - I think the iCloud account's encryption makes it literally impossible for Apple to access the user's data without the local encryption key, effectively now in the control of the thieve. On this part Apple should NOT make a change - I love their security even if it can bite someone bad on rare occasions.

There are still breadcrumbs leading to the recovery key even if some of you do what is suggested to keep it safe as some of the comments have already pointed out. Unfortunately current and new thieves are also watching this video to see how they can improve on their thieving skills. I see this video as more of a wake up call for some to focus on extra security protection barriers within your phone as well as within the apps used on the phone making it difficult to steal information which is more valuable to thieves than the phone itself.. Remember, even backups need backups….

Great story and Apple's army of lawyers will, of course, never admit any fault. Could you do a counterpoint story about how all this works on Android phones? 🙏

Thanks or a great follow-up vido! The front-door analyogy really worked for me

Have they added additional features so this can't happen to anyone else?

Did he ever get back his information? Is there a follow-up since this was aired?

THIS is REAL journalism!!! Unlike all the other Apple sheep KZbinrs 🏆🏆🏆🏆🏆

Just a heads up there is a way around the screen time… I’m not going to say it for obvious reasons… However it should slow them down (assuming they do not know the way around screen time).

They provide you with an option to use physical security keys

That beautiful little angel. This is one of the worst . Please deal with them in a similar matter .

I used to work at an Apple authorized Geek Squad and I probably had around 200 customers in the two years who unfortunately were locked out by because of the record key. The only other way was if they had a physical sim we could move to another phone and get the sms message code. 2/10 customers were frustrated, dissatisfied and confused at Apple.

Great reporting

Just use biometrics especially in public. The only time i use my pin is when i restart my phone and it's required.

This screen time setting won’t work if you have the apple support app installed on your device. You can change the Apple ID password through the apple support app.

Excellent job. Hope Apple will find solutions for this

There’s also recovery phone contact and that can be removed so it feels like they can get into everything let’s say you lock your notes app and have recovery key in it not only they can change recovery key but can you’d phone passcode to get into that note to remove everything

One thing that apple should include when changing the iCloud password is for users to type in the old password before making a new password. This won’t allow thieves to be able to change your iCloud password cuz they won’t know your old password. Also ensuring that it’s the owner of the phone itself that’s changing the password and not any one else.

The point here is that Apple cannot give you access to your data. It is just not possible, because your data is encrypted with that recovery key or your password. So it doesn't matter if Apple takes other forms of verification. It is physically and practically impossible to unlock the account for you or for anyone else. That the recovery key and password can be so easily changed on device is what Apple needs to work on.

Imagine being held at gunpoint and having to decide between losing your entire digital life or your actual one. This is the nail in the coffin for iCloud for me, which was already perilous enough from a data integrity perspective.

Quick question ( I'm not an iPhone user btw ) : How can the thief steal your phone AND your passcode?

Funny enough, one of my colleagues recently shared how as an Android person he learnt about iCloud locks on iphones and realised this couldn't be done on Android (you can just flash a custom rom) and later switched to iphone. This is even worse than losing a phone. As long as there is tech, there will be exploits

How about switching from apple ?

Having a security key linked to your AppleID seems to resolve most of these issues.

It is possible to disable the screen time password with the iPhone password too

Would you have to put a lock on find my phone as well then ? Like screen time ?

Good Job, Apple. Keep it up~~

This video is so helpful!! Thanks.

I found a major bypass with this security tip of using different pin to block settings changes. The bypass is the Apple support app which lets you change passwords etc without having to enable changes (thereby entering new unique pin)

should i provide my apple id on the screen time passcode?

This is an issue of education. And I have seen MANY posting on the solution (including myself) on the prior installments of this WSJ series. NONE of this would be an issue if people properly used Touch / Face ID. BUT they have to be educated on both USING it AND setting it up! And I know there will be those that say "Touch / Face ID does not work, I have to keep entering my passcode, etc. etc." Again... Non-issue. Set it up correctly and you will not have issues. It's all about doing it correctly. For touch ID, use multiple fingers the way iOS guides you through it. For Face ID, hold phone ahead of you and slowly rotate your head while looking at the phone. Save multiple "looks" with / without glasses, hats, hairstyles, etc. I can't tell you how many clients I've had to convince to USE touch/face ID and have had to dispel people's fears about using biometrics. These are complex devices that have access to our lives. Lots to educate people on, BUT ABOVE ALL, USE BIOMETRICS!!!!!!!!!!

These loopholes need urgent action. How about considering the "Picture Password" as additional/optional security feature BlackBerry had before? 6-digit code is not secure enough.

I’ve now taken the extra precaution of protecting my iphone and ipad. One thing that a user could do, and admittedly it would involve some work, is to backup all your photos and other important documents to an external HD or SSD and then delete those things from your Apple devices. You can keep essential ones on your devices but as long as they are backups externally, and not on your devices or in an icloud account, they should be protected. You could also store your photos on a non-Apple cloud service that you can access via the web and not an app. That way, if your phone gets stolen, a thief won’t know if you have another cloud service if you don’t have an app downloaded for it.

Retina scan... is that where you sit on the photocopier?

Thanks 👍🏻 👏🏻

Build a NAS or use a usb stick for backup

So basically the underlying flaw is with traditional pins and passwords. It's slightly concerning to have account data protected by just the passcode to the device.

But this is all reliant on the thief having your passcode… how do they get this if you use Touch ID or Face ID?

This just happened to me and I lost over 20,000 photos 2,000 videos. The last pictures of my dog before he passed away, the last voice messages from my grandparents before they passed, all my photos from my travels around the world just gone. Apple was able to verify that I was who I said I was on the phone but would not revert my Apple ID back to the original email and allow me to change the password. It's heartbreaking. I'm at such a loss.

The problem with her "screen time passcode" solution is that now if the thief knows your iPhone passcode, they can go to change screen time passcode, choose 'Forgot passcode' which will require you to login Apple ID, choose forget password, input the Apple ID (which can be found relatively easy if you have access to the phone already), choose to verify using iPhone's passcode (which they obviously have) and voila, you can turn off the screen time passcode and continue the steps in this video.

Can Apple improve on this? Of course! Can the average iPhone user be more proactive in protecting themselves? Absolutely! If you have to enter your passcode for ANY reason, make sure 100% that you are trying your best to cover and hide your hand. The first defense in protection from thieves is yourself!

Lot of work for a phone glad I old school no thank you Apple 🍎🍏