Good video. The Screen Time pin lock workaround seems more secure with less hassle (not having to wait an hour). The simplest solution that Apple could have implemented would be allowing you to choose a different PIN/Passcode for critical system services or apps.
I would have thought "significant locations" are places where you have unlocked your device (otherwise a thief could hang out in an area with your phone till it got added to the list)
More than anything, the video confirms why I don't use my Apple account for anything more than the most basic of functions. Thanks anyway Thio; a really informative video as always.
There's a pretty easy workaround to that. Sensitive settings like find my phone, face unlock and Apple account settings should simply have a different pin and not the lock screen code. I never understood why they didn't apply that tbh.
I think that’s just too complicated for many users, having to remember multiple codes would become inconvenient and bothersome. Especially for elderly iPhone users. They can barely remember their one passcode or password lol
5:42 I've no phone but an iPad. When I scroll around the map I can see other locations. My university has two campuses. Both are marked as significant locations. Haven't been there for a year. My home apparently is no significant location haha.
EVERY TIME I backup my phone, plug it in to charge via USB or even when downloading photos I MUST type in my passcode. It is needed a lot more than you suggest.
One big correction: Find My is NOT disabled even by being powered off anymore. The recent iPhones completely turned off are still able to be located through Find My; they act as an AirTag all the time. Putting it into airplane mode or powering it off does not affect this anymore.
It used to be easier to lock down an Apple account with a Screen Time passcode. However, with recent changes they have made it harder to do that. It can still be done with a Screen Time passcode but you have to remove your passcode, which makes no sense.
Thank you so much for the video. My mother passed away and I have her iPhone but with Stolen Device Protection enabled as well as Face ID, I am unable to access it to format it. I have her device password as well as her Apple ID password. Do you have any idea on how I can turn off Face ID so I can format the iPhone?
Seems odd that Stolen Device Protection (SDP) requires Face ID to access certain features, but iOS still forces me to enter my passcode on a regular basis to use Face ID. Makes no sense if Face ID is the more secure authentication. I already have Significant Locations disabled to save battery.
You can also add unlocking to face ID by recognizing a code word or phrase, which the user could record in advance using sound recording. It would be nice if they added this
Thanks for all the information! I just have one question - is it necessary to disable Siri in the “Allow access when locked” section? That means the “Hey Siri” phrase won’t work while it’s locked, right?
"the new extra protections don't apply in familiar locations which you have no control over, can't even see what they are" God that's such an Apple thing to do isn't it? They have this huge focus on security but they're also focused on making their tech accessible to even the dumbest of people to the point where they will literally make something less secure as a way to give the user less to think about. It reminds me of the BLE spam bug. These manufacturers design it so that it's "easy" to pair your headphones by proximity that you can just spam out Bluetooth pair requests and lock up the phones. The simple easy fix for this is just put a toggle for proximity pair but no that would be too confusing for the user 🤣 For the BLE spam you have to literally turn off Bluetooth and for this you have to turn off familiar locations simply because they don't give you any sort of advanced control over how it works.
You obviously didn't read the document that was on screen 5:11 as they do not use significant locations, but familiar locations like Home or Work which you do set! Complaining is easy, but reading is hard.
This whole video is about how you can't set familiar locations 😂 He's saying as a workaround you can turn off significant locations as familiar locations are (presumably) derived from significant locations. Show me documentation from Apple saying you can manually control familiar locations because everything I can find supports what Thio said about it not being able to be manually set and about how it relies on the significant location feature.
@johnsmith8981, it's not read the document at 5:11 video. Joe got it all wrong as it says Home and Work! So no issues except someone needed to make a video and people falling for it!
@craiggmelville I would like you to explain to me exactly how I set my home and work location as a familiar location. I love how you are saying I didn't read it when literally the timestamp you have linked to me says nothing about how the home and office locations are set... You said complaining is easy but reading is hard and yet here you are posting a timestamp of 5:11 that says It uses significant locations without saying anything about how you manage significant locations. Right now Apple sets your home or office automatically. Basically Apple going "trust me bro we know where you live and work and couldn't possibly be wrong about it." If you want to call me out here and say I'm wrong I'm fine with that but please provide evidence that you can manually control your work and home locations for familiar locations and stop posting the 5:11 timestamp because clearly we both agree that they are using familiar locations that has nothing to do with your argument; you are saying that there is "no issue" and this video is about how Apple doesn't allow you to SEE or SET your work or home locations manually. You either need to explain why that's not a problem or explain how you actually can see/set them manually.
@johnsmith8981, think about it, how do you add your home and work addresses into the phone? Via Contacts App, My Card and you could have many defined. Joe went on to say he thought these were derived from all the places that you visit like a coffee shop etc. How ridiculous is that when you think 🤔 about it?
Don't let others use your cell phone. Thumbs up, TJ--great information here. Here is a problem. The face recognition on my phone is bad. Better than half the time I need the passcode to unlock. I thought that is how things were with iPhones. I might lock myself out of my phone if I rely only on face recognition.
People steal phones consistently at bars from girls' purses. It is not just as simple as not letting someone use your device. There are real victims of theft. Then identity theft from these flaws. You need to consider every scenario before oversimplifying a solution.
The face recognition works incredibly well. You should try to do a reset as people suggested here, maybe change the screen protector if you use one, and so on.
@dmc6617 You nailed it. My screen protector was causing the problems, even though it is thin and clear plastic. I lowered it a bit so the lens is not covered, and it seems to be working perfectly now. I appreciate the advice!
The most fatal flaw for stolen iPhones (not accounts, like this video covers) is not explicitly asking for a password to enable airplane mode while locked. This immediately removes it from the FindMy network so you can’t attempt to locate it. You can disable control center, but then you lose some features. No one should be able to disconnect your phone from network without unlocking the device. Even turning the phone off keeps it findable.
With an iPhone SE2 I am stuck after enabling this new feature. I cannot access my passwords or make certain changes any longer. I almost always use my numerical codes to enter in as my phone case has a film over the home button that does not allow it to recognize my fingerprint. While I have access to most of the phone, I am stuck in an endless loop of a Touch ID requirement and after removing the phone case to access the home button, it does not recognize my fingerprint! Unfortunately any of the options to fix this requires a Touch ID to verify. This phone does not have Face ID. So far unable to find a fix. Not sure yet if I have a faulty home button fingerprint recognition, or if it is the stolen device protection that is negating the Touch ID. Still looking for a solution. Great video by the way! 😊
I just got a 15 Pro a few days ago and set up a 4 digit PIN because I wanted some security, but to still be able to unlock it quickly, mostly so I can easily change the music while driving. But it's nice to know that if you set an alphanumeric password you don't have to enter it all the time, so this problem wouldn't be as obnoxious as I assumed it would be under the same circumstances.
You can disable account and code changes from the Screen Time menu and set up limitations with a different pin code. It's meant to allow you to let your children play on your phone and restrict them from changing vital stuff. It also works if some thieves have tricked you into unlocking your phone. With this, any thief can't change your code or do any account setting stuff without the extra pin code.
The places I visit the most, my university and work (which is a hospital), are probably the places my phone is most likely to get stolen, so this is very helpful.
I wanna turn this feature on but I have a question. That one hour delay. Would the owners of the iPhone also have to wait for that 1hr to make changes, or is there a way the owner can bypass the one hour delay? I hate to turn on the feature then have to wait an hour when I wanted to make changes.
Thanks for the video and changed my settings. What I found interesting is, on lock screen it asks for my face, which is great. So I tried to see what would happen if I didn't point the camera at my face and the password screen comes up. So now the thief with your passcode can still get into your phone.
I thought you would need Face ID to turn on the Significant Locations anyway. Perhaps that's something you need to try, when it's off and the Stolen Device Protection is on, can you even turn on the Significant Locations option with a passcode only.
I've watched several presentations on this feature and read Apple's online article, but none address the problem I see with turning this feature on. I travel frequently, which some might say "OK, turn the feature on since you need it more than most due to risk of theft being high." The problem I see is that I'm frequently in new locations, and if I need to change my Apple account credentials, this feature could obstruct me from being successful when I might need it most.
One of my familiar locations is the gym…. A place where people might see you enter your passcode from over your shoulder, and people sometimes have their phones unlocked playing videos while they work out. I wish I could edit this location out.
Yes I know, same problem here. But I don't play YouTube because of this, this is so stupid. I play music with Apple Podcast with locked phone to my AirPods, sometimes I must lay my phone on a bench but it's still locked..... And I only use Face ID.
It would have been better if he had given explicit directions to get to the right setting, as I sometimes need to be told how to do something like I'm five years old. Go to Settings > Privacy & Security > Location Services > System Services (which is all the way at the bottom, as I found out), then tap Significant Locations. Tap Clear History, then turn off Significant Locations
Question, in a familiar location, does it let you use the passcode as fallback for ALL the features, or just for disabling Stolen Device Protection? If it's the latter, you could just restrict access to the Passcode & FaceID settings using Content Restrictions in Screen Time, and set a separate Screen Time passcode to prevent changes. Also you can restrict Account Changes to prevent access to iCloud settings.
In familiar locations you still get the security delay, but the passcode is usable for everything. Even in unfamiliar locations, unlocking the phone itself is available with the passcode. Only the more serious stuff like fiddling with the Apple ID, with Find My, or Apple Pay, those become protected.
Alphanumeric passcode. Maybe thieves steal from their “professional” job, where they have access to store’s security footage? Or on a bus? Also there are thieves that frequent meetups for the sole purpose of data theft. Similarly, they may monitor accounts where people publicly share their home info and when away from home.
I appreciate videos that show iOS devices' security flaws. I like to think Apple employees watch them too, cus every update to my iPhone's security system makes me feel 10x more at ease when I misplace my iPhone. Thanks
Messing around with the device protection feature, I had to wait an hour even at home to make changes. Strange that my home wasn't considered a "familiar location"? So, hoping they are pretty strict with familiar locations
I've never had reliable Touch ID unlocks on any of my iPhones, iPads and MacBooks. Every time I set them up, it stopped recognizing my finger after a few days. Face ID still works well but the experience of using Touch ID for some 10 years makes me very worried about the situation where Apple just seems to randomly put patches on their device security design without thinking about their usability and security. Why do we have to choose either the password or the biometrics? Why not do a proper 2FA? (e.g. require any 2 of a hardware security key, biometrics and a password) I ended up supervising all my iOS devices and registering them to MDM so that I get managed lost mode. It comes with its own caveats though.
Do you lock the account settings under Screen Time, Content and Privacy settings, Account changes? It stops access to your Apple ID section in settings.
Even with Stolen Device Protection enabled and your extra suggestions followed, if my phone is stolen how do I access my Apple ID account without Apple sending a security code to the thieves instead of me? Obviously with a second device logged in it’s ok but if I need to use a friend’s phone? Apple devices are very costly, not everyone has 2?
Yesterday I was at some grocery store and it shows up at significant locations. I literally haven’t been there for a year before that and maybe 2 or 3 times in my whole life since it’s in the neighboring town. How can this be a significant location? It only should be home and work. That’s it. I got 207 significant locations what might as well probably be the whole city I’m living in.
@ThioJoe, it says clearly in the document you showed at 5:11 "familiar location, such as home or work". So no FATAL FLAW then and they did differentiate between familiar and significant locations!
Just turn on screen time content privacy and restrictions. Disallow change of passcode and account, then you create a separate pin to turn these on or off. Done. Even if the thief gets the password, he won't be able to do much.
Thanks bro it was a great talk! Why not disable password change in screen time so when the thief wants to change the password he will be required to enter the screen time password 😮😊
From my experience, I believe familiar locations are the locations your Apple Maps thinks you might drive to when you get in your car. I get my house, work, and the gym
There goes your ecosystem, easily taken down in one swoop. I'm still puzzling how Apple still thinks it's better for the convenience over security to use the lock screen password to change anything on the Apple account, even after all these reported crimes happening in real life, they still blame the users and make half-baked adjustments to fix the issue. Like something as simple as requiring the phone to be unlocked to toggle airplane mode is not available and you have to hide the whole control center on the lockscreen to avoid that. My 5-year-old Android phone has already been able to prompt the users to unlock the phone when they toggle certain items from the lockscreen and probably most phones before it. Clearly Apple has not thought about security enough.
They value what the consumer values. It's hard to force good security practices on users unless the whole industry does it, otherwise people will just switch to other companies or turn off the features. People love convenience.
6:06 this is probably a security feature, because if you could find it, then someone trying to do something could also find it to figure out where they need to get your phone again…
At least for all of the AppleID/account-related issues, I can’t understand why Apple doesn’t just _require_ one’s AppleID password, no exceptions, to make changes. Or at least let users themselves force this instead of bizarrely allowing a device passcode to do anything at all related to account security. So stupid.
Would it make a difference if you had one p/w to unlock the phone plus your heavy duty pass code to unlock important things? Thief would need two pass codes but you would be providing only one.
• UPDATE: Apparently the iOS 17.4 beta has added an option to always require a security delay even at familiar locations, which is a great step. I still really want the ability to specifically choose the familiar locations, to prevent the passcode from being used at all for important tasks.
• ANOTHER TIP: I didn't mention this but several have mentioned that you can actually use the "screen time" feature to add a second separate required passcode for certain functions like account changes. It's a great option but might make it annoying to access other settings like info in the iCloud menu.
This video looks like AI'd your face
Is there a way to designate just one location HOME as a familiar location and that's it! Only HOME and nowhere else. Seems to me that would be a popular option.
@kensteele3363 No. There isn’t.
Another tip: if you can't use FaceID for whatever reason (and if you have iCloud backup enabled! really important!) you can restore your iPhone by putting it into download mode, then restoring and resetting it using a Windows/Mac. In most cases you won't lose any data.
Guess what: You can still change the screen time password with just your phone password.
love how he went straight to the point
Or just don't use a phone for everything like financial and other sensitive apps. Instead, do it on a home laptop/computer, problem solved. ;D
@BillAnt I'd bet it's safer to use a relatively locked-down system, like a phone, instead of a computer where you have many more chances to install anything, good and bad, making the attack surface much wider.
@HMijailAntonQuiles - Don't know about that, but what I do know is that in the past 20 years I've been using my computer exclusively for all my financial transactions, I haven't been hacked even once. I don't install every random app I find on the web, and don't click on every "You won a million dollars!" link either. And yes for dummies who do all that I don't recommend either a phone or computer. lol
I just feel more comfortable and easier to type on my real keyboard on a large screen than squinting at my phone screen. But hey, to each their own.
@HMijailAntonQuiles - What I do know is that in the past 20 years I've been using my computer exclusively for all my financial transactions, I haven't been hacked even once. I think that's a pretty darn good track record of safety.
love how he actually showed us how to do it (he didn’t)
Update: iOS 17.4 beta includes the option to Always require a security delay instead of just unfamiliar locations, effectively working around this flaw.
It’s not a flaw, it’s a designed convenience for regular people.
@SeanTube2099 It is a flaw if the design fails to consider a very important side of the picture, or if the measures taken for this are insufficient.
It’s because normal people will find it annoying that the restrictions exist at all times. So Apple does you a favor and by default makes it so you don’t have to worry about it getting in the way!
*FYI I'm running iOS 17.4 Dev Beta 1 and there is a new feature to require security delay "Away from Familiar Locations" OR "Always", so no need to turn off Significant Locations, if that's what you're worried about.*
If someone enabled it in 17.3 and updated to 17.4, is the Always option selected by default?
@atpray No
(Pro tip: "all bold" means nobody reads what you write).
It doesn't require faceID to set it back to familiar locations. lol
You can add an additional layer of security by turning on screen time and disabling account changes so it’ll be harder for thieves to sign out of iCloud. As you can’t go to settings-> screen time -> then content restrictions at the bottom turn off account changes
Thanks!
I also have implemented two additional security steps.
1. I set a pin for screen time and disabled passcode changes and account changes. This way even if they know your passcode they still can't change your device passcode or your Apple ID password.
2. I set up an automation in the Shortcuts app that automatically locks the phone any time you open critical apps. The automation only applies if the phone is not connected to my home wifi. So for instance, you are sitting at the bar texting your SO and someone walks up, grabs the phone out of your hand and runs while it's still logged in. They open the settings app, the phone automatically locks. It's really not all that much extra effort to just use your Touch ID or Face ID to quickly log back in. It's basically no different than how some banking apps request a Touch ID to open the app. I also applied it to my email app as well, because if they get access to your email they can start doing password resets on accounts you have tied to that email. And I have other apps set up that way as well.
This is a great idea. Thank you
An additional layer of protection in conjunction with using Stolen Device Protection is to set a 4 digit Screen Time passcode, ENABLE Content Restrictions and then DISABLE the following two items: 1) "Allow Account Changes" and 2) "Allow Passcode Changes". This is the method I used before SDP became an option in iOS 17.3, and I intend to carry on using this as a "belt and braces" approach. Can't be too careful!
This method also works across Macs, iPads, and other iPhones attached to your iCloud account. As of 1/28/2024 SDP only can be enabled on iPhones.
That’s Advanced Protection (I call it)😂👍
The iPhone will be useless for a thief!
I don’t really understand why thieves keep stealing iPhones in 2024 when they’re aware of Find My and all of the security protection iPhone has?
I see it as a bad investment for the thief himself…
Indeed. I'm surprised more don't do this.
Does this method have a three tries and you're locked feature? Also, can the screen password be longer than 4 characters and alphanumeric?
@Roy-ij1wq The screen time password is limited to 4 digits, so whilst it’s not that secure, it’s one extra barrier a thief would need to overcome and importantly, it does give you a bit more time to access your iCloud account remotely and change your main passwords. The normal screen lock password can be a random mix of numbers, letters and special characters, or a pass phrase which I personally prefer - e.g. several memorable words, each separated by a hyphen.
Great video, thanks! Apple did make this new feature a little over-complicated. It would have been better had they allowed you to specify your own significant location(s), that way you could potentially set just a single significant location (e.g. your home) where the additional protection is overridden.
Yeah it should let you select locations
1) What if your phone faceID breaks? Can it still be recovered/transferred to a new phone?
2) On airplane mode on lock screen, what about the bluetooth lost beacon for powered off phones?
You should activate Screen Time to YOURSELF -> and disable passcode and account changes (under Content & Privacy Restrictions). You ofc set a different numerical code here than your ”regular” passcode.
After this, the thief now would have to know your passcode AND the different Screen Time code to do anything account or passcode related.. BUT…. This might not be 100% bulletproof, because you CAN reset the Screen Time code via AppleID, but it prevents the process to be ”familiar” and fast..
The screen time passcode can be reset with your regular passcode sadly.
@@markster136 how so?
@@markster136 incorrect
i loved your og stuff when you just tried to piss people off, but your new stuff is kickass too. thanks for the content, you kickass!
You could also set screen time passcode and restrict changes to passcode & faceID, location services and accounts. That adds another layer of security
Another useful video!! just enabled the feature! Thanks again Thio!!
As someone who lost his 13 mini this way. I'm setting up my new 15 with this video, I've had it bookmarked since you dropped it.
LIFE SAVER 🙏
Turn on screen time, set a different passcode for screen time, and under Content & Privacy Restrictions, set Passcode Changes and Account Changes to 'Don't Allow'. This way, even if they somehow got your regular screen passcode, they will not be able to make any passcode or account changes without knowing the separate screen time passcode that you set.
Thanks Thio! 💜
Many people commented that there's a fix for this flaw in the iOS 17.4 beta, but the other topics in this video might be just as important.
totally awesome and professional. Thank you for this valuable and useful information we should all take a half hour and do the things you suggested in our iphones. Keep up the great work.
is there any way to use this without requiring face id?
Screen time is a good way to ensure additional protection, you’ll rarely ever need to enter your screen time password, and a thief will need it to change your account settings and your passwords … it’s quite easy to set up too… screen time - set screen time passcode - content and privacy restrictions - account changes and passcode changes - select don’t allow … I kept this on even after enabling stolen device protection cause I’ll be keeping significant locations on…
Keep in mind, one time you’ll need to use your screen time passcode is when you yourself need to make changes to your account or passwords - eg. Face ID is hidden from menu so you’ll need to disable screen time to access it (well just allow changes - then change back to don’t allow after)
Another good tip is to use a privacy screen protector to prevent prying eyes on the side
Good video. The Screen Time pin lock workaround seems more secure with less hassle (not having to wait an hour).
The simplest solution that Apple could have implemented would be allowing you to choose a different PIN/Passcode for critical system services or apps.
when talking about this feature, nobody actually covered this flaw, thanks, great video, helpful as always. ur the best
iOS 17.4 Beta fixes this issue. There is another menu in 17.4 to require the delay always rather than only when not at a familiar location.
I would have thought "significant locations" are places where you have unlocked your device (otherwise a thief could hang out in an area with your phone till it got added to the list)
How does the setting for unlocking with Apple Watch play into this? Should I disable that feature as well?
More than anything, the video confirms why I don't use my Apple account for anything more than the most basic of functions. Thanks anyway Thio; a really informative video as always.
Can you elaborate?
@@Albdeanur phone will still be gone :/
There's a pretty easy work around to that. Sensitive settings like find my phone, face unlock and apple account settings should simply have different pin and not lock screen code. I never understood why they didn't apply that tbh.
I think that’s just too complicated for many users, having to remember multiple codes would become inconvenient and bothersome. Especially for elderly iPhone users. They can barely remember their one passcode or password lol
5:42 I've no phone but ipad. when i scroll around the map i can see other locations. my university has two campuses. both are marked at significant locations. haven't been there for a year. my home apparently is no significant location haha.
EVERY TIME I backup my phone, plug it in to charge via USB or even when downloading photos I MUST type in my passcode. It is needed a lot more than you suggest.
One big correction find my is NOT disabled even by being powered off anymore, the recent iphones completely turned off are still able to be located through Find my, they act as an airtag all the time. Putting it into airplane mode or powering it off does not affect this anymore.
Why only on the Iphone and not IPAD??
I'm surprised the comment section is so civil lol
Don't jinx it lol, it's only been half an hour
These videos have a great community in my experience
It used to be easier to lock down apple account with a screen time passcode. However with recent changes they have made it harder to do that. It can still be done with screen time passcode but you have to remove your passcode which makes no sense.
Nice! I have just found this feature in my new iPhone and I have noticed this flaw too. I have had the same conclusion as you. High five 🙏
Thank you so much for the video. My mother passed away and I have her iPhone but with Stolen Device Protection enabled as well as Face ID, I am unable to access it to format it. I have her device password as well as her Apple ID password. Do you have any idea on how I can turn off Face ID so I can format the iPhone?
This video has proper subtitles ❤
Seems odd that Stolen Device Protection (SDP) requires Face ID to access certain features, but iOS still forces me to enter my passcode on a regular basis to use Face ID. Makes no sense if Face ID is the more secure authentication. I already have Significant Locations disabled to save battery.
Seems like a better solution would be to require a different password and Face/Touch ID to get into the Settings app.
As I see, without pass code no harm will be done? I once forgot pass code and the phone had to be wiped. Anything changed in this regard?
You can also add unlocking to face ID by recognizing a code word or phrase, which the user could record in advance using sound recording. It would be nice if they added this
Thanks for all the information!
I just have one question - is it necessary to disable Siri in the “Allow access when locked” section
That means the “Hey Siri” phrase won’t work while it’s locked, right?
yes. siri wont work when locked
i just updated to iOS 17.4 beta and it adds an option to always require the security delay
"the new extra protections don't apply in familiar locations which you at no control over can't even see what they are"
God that's such an Apple thing to do isn't it? They have this huge focus on security but they're also focused on making their tech accessible to even the dumbest of people to the point where they will literally make something less secure as a way to give the user less to think about.
It reminds me of the BLE spam bug. These manufacturers design it so that it's "easy" to pair your headphones by proximity that you can just spam out Bluetooth pair requests and lock up the phones. The simple easy fix for this is just put a toggle for proximity pair but no that would be too confusing for the user 🤣
For the BLE spam you have to literally turn off Bluetooth and for this you have to turn off familiar locations simply because they don't give you any sort of advanced control over how it works.
You obviously didn't read the document that was on screen 5:11 as they do not use significant locations, but familiar locations like Home or Work which you do set! Complaining is easy, but reading is hard.
This whole video is about how you can't set familiar locations 😂
He's saying as a work around you can turn off significant locations as familiar locations are (presumably) derived from significant locations.
Show me documentation from Apple saying you can manually control familiar locations because everything I can find supports what Thio said about it not being able to be manually set it and about how it relies on the significant location feature.
@@johnsmith8981 , its not read the document at 5:11 video. Joe got it all wrong as it says Home and Work! So no issues except someone needed to make a video and people falling for it!
@@craiggmelville I would like you to explain to me exactly how I set my home and work location as a familiar location. I love how you are saying I didn't read it when literally the timestamp you have linked to me says nothing about how the home and office locations are set...
You said complaining is easy but reading is hard and yet here you are posting a timestamp of 5:11 that says It uses significant locations without saying anything about how you manage significant locations.
Right now Apple sets your home or office automatically. Basically Apple going "trust me bro we know where you live and work and couldn't possibly be wrong about it."
If you want to call me out here and say I'm wrong I'm fine with that but please provide evidence that you can manually control your work and home locations for familiar locations and stop posting the 5:11 timestamp because clearly we both agree that they are using familiar locations that has nothing to do with your argument; you are saying that there is "no issue" and this video is about how Apple doesn't allow you to SEE or SET your work or home locations manually. You either need to explain why that's not a problem or explain how you actually can see/set them manually.
@@johnsmith8981 , think about it how do you add your home and work addresses into the phone?
Via Contacts App, My Card and you could have many defined. Joe went on to say he thought these were derived from all the places that you visit like a coffee shop etc. How ridiculous is that when you think 🤔 about it?
5:50 wow some how a work place for my Wife was a significant place… and I don’t really go there that often anymore.
I cleared and turned it off tho
Turning off significant locations also saves a bit of battery!
Don't let others use your cell phone. Thumbs up, TJ--great information here. Here is a problem. The face recognition on my phone is bad. Better than half the time I need the passcode to unlock. I thought that is how things were with iPhones. I might lock myself out of my phone if I rely only on face recognition.
People steal phones consistently at bars from girls purses. It is not just as simple as not letting someone use your device. There are real victims of theft. Then identity theft from these flaws. You need to consider every scenario before oversimplifying a solution.
Try if a reset of your FaceID or even a re-install of the phone fixes your problems. Also turn off the facemask compatibility setting.
The face recognition works incredibly well. You should try to do a reset as people suggested here, maybe change the screen protector if you use one, and so on.
@@dmc6617 You nailed it. My screen protector was causing the problems, even though it is thin and clear plastic. I lowered it a bit so the lens is not covered, and it seems to be working perfectly now. I appreciate the advice!
@@MultiStats glad to help!
The most fatal flaw for stolen iPhones (not accounts, like this video covers) is not explicitly asking for a password to enable airplane mode while locked. This immediately removes it from the FindMy network so you can’t attempt to locate it. You can disable control center, but then you lose some features. No one should be able to disconnect your phone from network without unlocking the device. Even turning the phone off keeps it findable.
Aluminium alloy.
9:45 With the Control Center turned off in 'Allow Access When Locked', I can still turn on Airplane Mode from the lock screen. Running iOS 17.3.
Are you sure it isn't reading your Face Id? Try opening Control Center while covering your face or looking away.
@@reefhound9902 Yeah, my finger wasn't entirely covering the camera. 😊
With an IPhone SE2 I am stuck after enabling this new feature. I cannot access my passwords or make certain changes any longer. I almost always use my numerical codes to enter in as my phone case has a film over the home button that does not allow it to recognize my fingerprint. While I have access to most of the phone, I am stuck in an endless loop of a Touch ID requirement and after removing the phone case to access the home button, it does not recognize my fingerprint! Unfortunately any of the options to fix this requires a Touch ID to verify. This phone does not have Face ID. So far unable to find a fix. Not sure yet if I have a faulty home button fingerprint recognition, or if it is the stolen device protection that is negating the Touch ID. Still looking for a solution. Great video by the way! 😊
I just got a 15 Pro a few days ago and set up a 4 digit PIN because I wanted some security, but to still be able to unlock it quickly, mostly so I can easily change the music while driving. But it's nice to know that if you set an alphanumeric password you don't have to enter it all the time, so this problem wouldn't be as obnoxious as I assumed it would be under the same circumstances.
Yeah the passcode is only requested when your face is not recognised enough times, or once in 72 hours or so.
You can disable account and code changes from the Screen Time menu and set up limitations with a different pin code. It's meant to allow you to let your children play on your phone and restrict them from changing vital stuff. It also works if some thieves have tricked you into unlocking your phone. With this, any thief can't change your code or do any account setting stuff without the extra pin code.
The places I visit the most are my university and work which is a hospital are probably the places my phone is most likely to get stolen so this is very helpful
User: "I had a major facial injury."
Apple device: "New face who dis?"
I wanna turn on this feature but I have a question. That one hour delay: would the owners of the iPhone also have to wait for that 1hr to make changes, or is there a way the owner can bypass the one hour delay? I hate to turn on the feature then have to wait an hour when I wanted to make changes.
Thanks for the video and changed my settings. What I found interesting is, on lock screen it asks for my face, which is great. So I tried to see what would happen if I didn't point the camera at my face and the password screen comes up. So now the thief with your passcode can still get into your phone.
I thought you would need Face ID to turn on the Significant Locations anyway. Perhaps that's something you need to try, when it's off and the Stolen Device Protection is on, can you even turn on the Significant Locations option with a passcode only.
I've watched several presentations on this feature and read Apple's online article, but none address the problem I see with turning this feature on. I travel frequently, which some might say "OK, turn the feature on since you need it more than most due to risk of theft being high." The problem I see is that I'm frequently in new locations, and if I need to change my Apple account credentials, this feature could obstruct me from being successful when I might need it most.
Apple will add more features with that stolen device protection feature just be patient 1:21
One of my familiar locations is the gym…. A place where people might see you enter your passcode from over your shoulder, and people sometimes have their phones unlocked playing videos while they work out. I wish I could edit this location out.
Yes i know, same problem here. But i dont play youtube because of this, this is so stupid. I play music with apple podcast with locked phone to my airpods, sometimes i must lay my phone on a bench but its still locked..... And i only use face id.
If you disable significant location does it not use the set home and work addresses in Apple Maps?
as someone with touch id a long code unfortunately isn't an option since touchID barely works for me
It would have been better if he had given explicit directions to get to the right setting, as I sometimes need to be told how to do something like I'm five years old. Go to Settings > Privacy & Security > Location Services > System Services (which is all the way at the bottom, as I found out), then tap Significant Locations. Tap Clear History, then turn off Significant Locations
Question, in a familiar location, does it let you use the passcode as fallback for ALL the features, or just for disabling Stolen Device Protection? If it's the latter, you could just restrict access to the Passcode & FaceID settings using Content Restrictions in Screen Time, and set a separate Screen Time passcode to prevent changes. Also you can restrict Account Changes to prevent access to iCloud settings.
In familiar locations you still get the security delay, but the passcode is usable for everything.
Even in unfamiliar locations, unlocking the phone itself is available with the passcode. Only the more serious stuff like fiddling with the Apple ID, with Find My, or Apple Pay, those become protected.
@@paulstelian97 Well that sucks
Does the theft protection work on 13promax? I do not see the menu option that shows how to get there. I have 17.3 and rebooted
Should this be available on a 12 pro max?......Don't see it as an option in 17.3
Alphanumeric passcode.
Maybe thieves steal from their “professional” job, where they have access to store’s security footage? Or on a bus? Also there are thieves that frequent meetups for the sole purpose of data theft. Similarly, they may monitor accounts where people publicly share their home info and when away from home.
I appreciate videos that show iOS devices security flaws. I like to think Apple employees watch them too cus every updates to my iphones security system, make me feel 10x more at ease when I misplace my iphone. Thanks
Messing around with the device protection feature, I had to wait an hour even at home to make changes. Strange that my home wasn't considered a "familiar location"? So, hoping they are pretty strict with familiar locations
What to do if your Face ID is broken?
Screen Time - analyse in detail this setting, there are clips on youtube.
I've never had reliable Touch ID unlocks on any of my iPhone, iPad and MacBooks. Every time I set them up, it stopped recognizing my finger after a few days. Face ID still works well but the experiences of using Touch ID for some 10 years makes me very worried of the situation where Apple just seems to randomly put patches on their device security design without thinking about their usability and security. Why we have to choose either the password or the biometrics? Why don't do a proper 2FA? (e.g. require any 2 of a hardware security key, biometrics and a password)
I ended up supervising all my iOS devices and register them to MDM so that I get managed lost mode. It comes with their own caveats though.
My Face ID module is broken, is it even worth upgrading to iOS 17.3 for this feature?
No. You risk getting yourself locked out. You can update, just don’t enable the feature.
Do you lock the account settings under Screen Time, Content and Privacy settings, Account changes? It stops access to your Apple ID section in settings.
what about devices with broken face/touch id?
This!
Even with Stolen Device Protection enabled and your extra suggestions followed, if my phone is stolen how do I access my Apple ID account without Apple sending a security code to the thieves instead of me? Obviously with a second device logged in it’s ok but if I need to use a friend’s phone? Apple devices are very costly, not everyone has 2?
Apple really needs to do better with end user security options.
Yesterday I was at some grocery store and it shows up at significant locations. I literally haven’t been there for a year before that and maybe 2 or 3 times in my whole life since it’s in the neighboring town. How can this be a significant location? It only should be home and work. That’s it. I got 207 significant locations what might as well probably be the whole city I‘m living in.
Create automation at shortcut to run when airplane mode is turned on, immediately turn it off.
This is the best video on YouTube right now thanks for sharing this information thio Joe 👍👍👍👍👍
very good info, power and home at same time, cool!
@ThioJoe, it says clearly in the document you showed at 5:11 "familiar location, such as home or work". So no FATAL FLAW then and they did differentiate between familiar and significant locations!
Hey, are use screen time and I have clocked off passcode and Face ID, and make another pin code to screen time
Would love if Apple implements scramble passcode layout instead of all the extra stuff
Is this another feature that will prevent someone from using phone if it's not removed when you buy the phone from someone?
YES! MORE THIOJOE! 🎉🎉 lets gooo! i love thiojoe ❤
Great video - thanks for the update, really useful
Apple warns if you disable significant locations will affect the way some apps operate, such as maps, gps, etc.
Not in any major way.
Just turn on screen time content privacy and restrictions. Disallow change of passcode and account, then you create a separate pin to turn these on or off. Done. Even if the thief gets the password, he won't be able to do much.
Many thanks for sharing very informative security updates god bless take care
Thanks bro it was a great talk !
Why don’t disable password change in screen time so when the thief wants to change the password he will be required to enter the screen time password 😮😊
From my experience, I believe familiar locations are the locations your apple maps thinks you might drive to when you get on your car. I get my house, work, and the gym
There goes your ecosystem, easily taken down in one swoop. I'm still puzzling how Apple still thinks it's better for the convenience over security to use the lock screen password to change anything on the Apple account, even after all these reported crimes happening in real life, they still blame the users and make half-baked adjustments to fix the issue. Like something as simple as requiring the phone to be unlocked to toggle airplane mode is not available and you have to hide the whole control center on the lockscreen to avoid that. My 5 years old Android phone has already been able to prompt the users to unlock the phone when they toggle certain items from the lockscreen and probably most phones before it. Clearly Apple has not thought about security enough.
they value what the consumer values. Its hard to force good security practices on users unless the whole industry does it, otherwise people will just switch to other companies or turn off the features. People love convenience.
there is no need to lock airplane mode. On iPhones, airplane mode doesn't disable Bluetooth so FindMy keeps working regardless.
I have 17.3 and that item Face ID and passcode between Siri and emergency SOS is not there! Why don’t I have that option?
if someone wants to "Make a phonecall" they can with the emergency dialpad. never unlock your phone if you... have to share your phone
6:06 this is probably a security feature, because if you could find it, then someone trying to do something could also find it to figure out where they need to get your phone again…
Thanks for a great tip on IOS 17.3 security. Hopefully 17.3.1 or 17.4 will come out soon with better options.
At least for all of the AppleID/account-related issues, I can’t understand why Apple doesn’t just _require_ one’s AppleID password, no exceptions, to make changes. Or at least let users themselves force this instead of bizarrely allowing a device passcode to do anything at all related to account security. So stupid.
Would it make a difference if you had one p/w to unlock the phone plus your heavy duty pass code to unlock important things? Thief would need two pass codes but you would be providing only one.