What to do if your iPhone is stolen along with your passcode

I recently read in the Wall Street Journal that thieves are stealing iPhones along with their passcodes. This is done either by watching you enter your passcode before stealing it or by threatening you to give it to them.

Once they have the passcode, they quickly change your iCloud account, add a second Face ID, access your bank, email, and much more. Unfortunately, for now, I didn’t find a simple way to defend against this type of attack.

But, there are still actions you can take proactively to minimize the risks associated with these kinds of hacks - I've listed below some of the steps you can take.

As tech is always changing if you learn of new protections to take, reach out and let us know and we'll update the tips here.

Require a Security Delay

1. On iOS 17.4, setting a one-hour delay for changes to your Apple ID account adds an extra layer of security, giving you time to react if your device falls into the wrong hands.

This feature, found under Settings > Stolen Device Protection > “Always”, can prevent unauthorized access to your account even if your device is lost or stolen.

iPhone-security-delayThe first image is where to find the Stolen Device Protection setting itself, and the next two images are what happens if you try to change your iCloud password or phone passcode if you are not at your house or work

Don't Save Debit Cards to Your Apple Pay

Avoid storing debit cards in your Apple Pay to minimize the risk of financial loss in case your device is stolen and/or compromised. By keeping your payment information separate from your device, you add an additional barrier to financial accounts for potential attackers.

Turn On "Find My iPhone"

Enabling Find My iPhone is another proactive step you can take to further protect your device against theft or loss. This feature allows you to track and remotely manage your device, increasing the likelihood of its recovery and preventing unauthorized access to your personal data.

Go to Settings > [Tap your Name] > Find My > Find My [Device]


Freeze Your Credit

Freezing your credit provides an added layer of protection against identity theft and unauthorized financial transactions. By placing a freeze on your credit reports, you make it more difficult for thieves to open new accounts or obtain credit in your name, even if they have access to your personal information.
Learn how to freeze your credit here - it's free and is a good investment for your online identity.
While you're at it, consider freezing the credit for your kids under 18 - believe it or not scammers love  stealing identities with no credit history making kids a prime target.

Use an Authenticator App and not Just Passcodes

Using an authenticator app for two-factor authentication that doesn’t unlock with just a passcode enhances the security of your accounts. Authenticator apps generate temporary codes that are tied to your device, adding an extra layer of verification beyond just a password.

Don't save passwords to your Browser

Avoid storing passwords in your browser to reduce the risk of unauthorized access to your accounts when your phone is stolen. Instead, consider using a trusted password manager to securely store and manage your login credentials across multiple devices and you can force a log out for your mobile device if your phone is lost or stolen.

Use a strong 6-digit PIN code 

Utilizing a strong 6-digit PIN code on your device makes it more challenging for potential attackers to gain access to your personal information. A complex PIN code adds an additional layer of security, especially if someone is attempting to gain access through physical means.

password-protect Safari via Screen Time

Restrictions is a built-in iOS feature that enables users to either grant or deny access to specific apps and iOS functionalities, but you need to turn it on! Password-protecting Safari via Screen Time on iOS adds an extra level of security to your browsing activities.
By restricting access to the Safari browser with a password, you can prevent unauthorized users from accessing sensitive information or browsing history on your device. 

For iOS 12 or later on iPhone or iPad

Step 1. Go to Settings > Screen Time > Content & Privacy Restrictions.

Step 2. Set a 4-digit passcode and verify it.

Step 3. Toggle on Content & Privacy.

Step 4. Tap 'Allowed Apps'.

Step 5. To password protect Safari on iOS, just toggle off Safari.

Once finished, Safari will disappear on your Home screen. To make this web browser accessible again, you need to enable it in Restrictions.

What to do if your phone is stolen?

Taking immediate action after a theft is critical to minimize any harm a thief might cause. A few steps you should take immediately to protect your personal information and prevent further exploitation of your contacts includes:
  • Change your passwords
  • Notify your mobile service provider
  • Cancel linked credit cards
  • Inform friends and family
  • Remotely erase your phone's data

Did any of your accounts get hacked?

If you suscpect that your email or social accounts have been hacked there are some additional steps you can take to remediate those incidents as well. Check out our simple guides below to help you walk through the steps to take back control over your personal information.

Social Media Hacked?! Now What (Quick Guide)

Email Hacked?! Now What (Quick Guide)