Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: 12questions
12questions Author
User level: Level 1
7 points

How do I avoid that someone can change my apple ID password with my phone PIN?

When I go to settings -> apple ID -> password and security -> change password: I can change my iCloud password with only the pin to the phone. Let's assume now I am taking public transport, I am wearing a mask and faceID is not working. Then I have to enter the PIN. In case someone sees the pin and steals my phone after he gets access to the iCloud and through that can access any other account like banking, e-mail, etc., etc. Also, I have started to realize that certain banks, especially when outside the US, are not very lenient with fraud protection. Therefore there is a chance that the money withdrawn through such a hack can't be retrieved.


Why does apple allow this? Is there a way to block changing the iCloud password with the phone pin?

Posted on Feb 26, 2023 10:24 AM

Reply
Question marked as Best reply
User profile for user: 12questions
12questions Author
User level: Level 1
7 points

Posted on Feb 26, 2023 11:05 AM

In Content & Privacy Restrictions I set "required password" to "always required" (better security in the App Store) and "Allow Changes -> Account Changes" to "Don't Allow" -> this helped to prevent the problem. Thank you :)

View in context

Similar questions

8 replies
User profile for user: 12questions
12questions Author
User level: Level 1
7 points

Feb 26, 2023 11:27 AM in response to lkrupp

Hi,


I saw a YouTube video about it recently (probably based on the Wall Street Journals article)I do realize that all electronics are vulnerable. But through this, it's relatively easy to access most of my personal data and I do not like the go-to recommendation of "be careful with your pin and make it more complicated".


This actually helped best and in my opinion, should be the go-to recommendation: In Content & Privacy Restrictions I set "required password" to "always required" (better security in the App Store) and "Allow Changes -> Account Changes" to "Don't Allow" -> this helped to prevent the problem. Thank you :)


Reply
User profile for user: Chattanoogan
Chattanoogan
User level: Level 7
24,522 points

Feb 26, 2023 11:15 AM in response to 12questions

You’re welcome.


The best defense remains a good passcode and situational awareness.


Consider changing it to a longer-than-six numeric passcode. Easy to VERY quickly enter while tough for any “prying eyes” to capture.


Also get in the habit of clicking the right “lock” button when not actually using the device.


There is no reasonable technical defense - yet - for the “in-person application of force.”

Reply
User profile for user: lkrupp
lkrupp
User level: Level 6
14,980 points

Feb 26, 2023 11:16 AM in response to 12questions

Looks like you’ve been reading the article by the Wall Street Journal circulating the internet about this. You do realize that ALL electronic devices with passcodes are vulnerable, right. People have had their debit card PINs copied by thieves and then stolen.


Apple’s official response to this article is to use an alphanumeric passcode instead of all numbers, which makes it much more difficult for a bad guy to copy. You can also do what banks recommend to their debit card customers when they enter their PINS at a sales terminal or ATM. Use your hand to obscure what you are typing.


I really think you are worried about nothing and the article published by the Wall Street Journal is more of a scare tactic than anything.

Reply

How do I avoid that someone can change my apple ID password with my phone PIN?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up