How do I avoid that someone can change my apple ID password with my phone PIN?
When I go to settings -> apple ID -> password and security -> change password: I can change my iCloud password with only the pin to the phone. Let's assume now I am taking public transport, I am wearing a mask and faceID is not working. Then I have to enter the PIN. In case someone sees the pin and steals my phone after he gets access to the iCloud and through that can access any other account like banking, e-mail, etc., etc. Also, I have started to realize that certain banks, especially when outside the US, are not very lenient with fraud protection. Therefore there is a chance that the money withdrawn through such a hack can't be retrieved.
Why does apple allow this? Is there a way to block changing the iCloud password with the phone pin?