How to protect yourself from iPhone thieves who lock your own device?

(CNN) – A complicated yet troubling method to take control of a user’s iPhone and permanently lock the device seems to be on the rise.

According to a recent report in the Wall Street Journal, some iPhone thieves are taking advantage of a security setting, called a recovery key, that makes it nearly impossible for owners to access their photos, messages, data, and more. Some victims too they said To the post that their bank accounts were emptied after the thieves had access to their money orders.

It is important to note, however, that this type of attack is difficult to perform. It requires the criminal to watch the iPhone user enter the device’s password — for example, by looking over their shoulder at a bar or sporting event — or to manipulate the device’s owner into sharing their password. And all that before the device is actually stolen.

From there, the thief can use the code to change the device’s Apple ID, turn off Find My iPhone so its location can’t be tracked, and then reset the Recovery Key, a complex 28-digit code meant to protect owners from online hackers.

Apple requires this key to help restore or regain access to the Apple ID in an effort to enhance user security, but if the thief changes it, the original owner will not have the new code and will be locked out of the account.

“We sympathize with the people who have gone through this experience and we tolerate all attacks on our users, however rare,” an Apple spokesperson said in a statement to CNN. “We work tirelessly every day to protect our users’ accounts and data, and we’re always investigating additional protections against emerging threats like this.”

On its website, Apple Warn that “You are responsible for maintaining access to your trusted devices and recovery key. If you lose both items, you may be permanently locked out of your account.”

Jeff Pollard, vice president and principal analyst at Forrester Research, says the company should offer more customer support options and “authentication methods so that Apple users can reset these settings.”

Right now, there are a few measures that users can take to protect themselves from this happening to them.

Access code protection

The first step is to protect the access token.

An Apple spokesperson told CNN that people can use Face ID or Touch ID when unlocking their phones in public places to avoid giving their passcode to anyone who might be watching.

Users can also set a longer alphanumeric code that is more difficult for criminals to crack. Device owners should also change the passcode immediately if they think someone has seen it.

Screen time settings

Another move someone might consider is a hack that hasn’t necessarily been endorsed by Apple, but is one that’s been making the rounds on the internet. Within the iPhone’s Screen Time settings, which allow guardians to set limits on how children can use the device, there is an option to set a secondary password that is required for any user before they can successfully change the password. Apple ID.

Enabling this option will require the thief to enter the secondary password before changing the Apple ID password.

Back up your phone regularly

Finally, users can protect themselves by making regular backups of their iPhone (via iCloud or iTunes) so that they can recover data if it is stolen. At the same time, users may want to consider storing important photos or other sensitive files and data on another cloud service, such as Google Photos, Microsoft OneDrive, Amazon Photos, or Dropbox.

This will not prevent the thief from gaining access to the device, but it will somewhat limit the consequences if he does.