iPhone's passcode is a big security flaw on iOS

A recent report by WSJ indicated that thieves are turning to clever ways not only to steal iPhones but also the data stored within the device. For example, new cases in Brazil showed that crime groups obtained passcodes from users simply by intimidating or assaulting them. There is also an instance where they record a victim typing his/her password before stealing the iPhone.

• Apple iPhone 13 review: Should you buy it in 2023?

How an iPhone passcode can put you at risk

Once thieves have the necessary hardware and correct passcode, there are several ways they negate the security measures such as Touch or Face ID before resetting the Apple ID password from the settings. It is also possible to change the recovery key or disable Apple's Find My tracking feature on iCloud.

But the worst could happen since they will also gain access to the iCloud Keychain where passwords of bank accounts, apps, and emails are stored. Consequently, they can transfer whatever balance from your Apple Cash or use Apple Pay in transactions as well.

Basic protective steps you can take

Apple has acknowledged that issue through a recent statement released and referred to these instances as rare occurrences. However, the Cupertino giant didn't provide any steps to counter this or whether they have plans to add improvements in the upcoming software update or on iOS 17.

Instead, WSJ's Stern suggested a few basic ways to protect yourself and your iPhone, like using Face ID or Touch ID authentication when in public. More importantly, it is recommended to use a separate password manager app and have a locked note with a different passcode from your lock screen.

How do you manage sensitive data on your phone? Do you use a third-party password manager? Tell us in the comments. 

Via: 9to5Mac Source: WSJ