User profile for user: sydney451
sydney451 Author
User level: Level 1
4 points

Is the “trusted phone number” inside your Apple ID a security flaw?

Imagine your iPhone gets stolen. Inside this iPhone is your SIM-Card. That SIM-Card is your only SIM-Card and it is enlisted as "trusted phone number" in your Apple Account. The iPhone is the only Apple product you own.

(Note: I believe this setup is not "special" at all, but rather common.)


The attacker now takes out the SIM and puts it in another phone where the PIN/PUK is easily cracked within less than 24h. Enabling the attacker to receive recovery messages/calls.


Apple now provides account recovery based on your enlisted "trusted phone number".


I understand that the phone itself remains safe since it has its own secure password. But the Apple ID with iCloud is at risk.


What can you do to protect yourself against this scenario?

Since it was the only Apple product and SIM you had, is it going to be hard to secure your Apple ID with email and password when your iPhone and SIM goes missing?

Posted on Jun 3, 2021 5:54 AM

Reply

Similar questions

1 reply
User profile for user: Eric Root
Eric Root
User level: Level 10
685,215 points

Jun 3, 2021 6:33 AM in response to sydney451

Some thoughts.


How would the thief know your Apple ID and password?


If you went to iCloud.com/Find and locked the phone, that might stop the thief from accessing your account.


Find My Phone - Lock and track your device using Lost Mode.       


Find My Phone - If your device is lost or stolen.      


Contact your carrier and ask them to cut off service to the phone since it is lost.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Is the “trusted phone number” inside your Apple ID a security flaw?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up