iPhone users must turn on Apple's Stolen Device Protection feature

Image credits: greenwalds/Getty Images

Yesterday, Apple released a new version of iOS with a bunch of new features, like collaborative playlists in Apple Music and a new Unity wallpaper for Black History Month. Another interesting new feature in iOS 17.3 is the so-called Stolen Device Protection. It is disabled by default and I encourage iPhone users to turn it on when they update to iOS 17.3.

This feature is a result of investigation By Joanna Stern and Nicole Nguyen for The Wall Street Journal. They discovered that the thieves were stealing money and accessing sensitive data that was supposed to be securely stored on the iPhone and its related iCloud account.

The reason why a passcode is an important piece of information is that you can use it to unlock the phone and change some settings. Even when Face ID (or Touch ID) is turned on, you can still use your passcode as a backup way to unlock your phone and change settings.

iPhone thieves take advantage of this ability to go to bars late at night and talk to strangers to get their passcodes from them.

For example, an iPhone thief Tell Joanna Stern He would tell his victims that he wanted to add them on Snapchat. Since it's often easier to enter your contact details directly on someone else's phone than to say them out loud, a thief might say they can type in their username directly.

When the person hands over the phone, the thief locks the phone and says the iPhone is locked. Then just ask for the passcode and remember it later.

After the phone is stolen, the passcode can be used to unlock the device and change the Apple ID password in the phone settings. This way, Find My iPhone can be disabled, which means the target cannot remotely wipe their device.

Many iPhone users also store passwords, such as banking app passwords, in iCloud Keychain as well as credit card details in Safari's Autofill preferences. Thieves can also open encrypted notes in the Notes app to see if you store your Social Security numbers there.

They can also use Apple Pay directly. Again, the passcode can be used if Face ID fails – thieves can also register their faces in Face ID if they have the device passcode.

Apple gives you a watch to remotely wipe your device

As a protection mechanism, Apple introduced Protect stolen device In iOS 17.3. When turned on, some actions will require biometric authentication with Face ID or Touch ID, such as access to stored passwords and credit cards.

In addition to requiring Face ID or Touch ID authentication, changing your Apple ID password, changing your passcode, and turning off stolen device protection also require a security delay. When you first try this procedure, your iPhone tells you that you have to wait at least an hour to make an important change.

This way, if someone steals your device, you have the opportunity to remotely wipe your iPhone using another device to make sure your data stays safe. There is one exception though. If you're in a familiar place, like your home or work, you don't have to wait an hour to make an important change.

It's not perfect, but Apple is trying to strike the right balance between security and convenience. You can head to Settings > Face ID & Passcode > Stolen Device Protection To turn on this new security feature.