This is a HUGE iOS security issue, especially in the last 2 years, when you'd be asked for the PIN code whenever you were wearing a mask. You're not protected from this, even with 2-factor enabled.

https://www.wsj.com/articles/apple-iphone-security-theft-passcode-data-privacya-basic-iphone-feature-helps-criminals-steal-your-digital-life-cbf14b1a?st=i7u41zn623p8501&reflink=desktopwebshare_permalink

A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Life

The passcode that unlocks your phone can give thieves access to your money and data; ‘it’s like a treasure box’

WSJ
@KrauseFx it’s not a “huge” issue, and it also affects Android (but of course articles about Apple always sell better).
It’s the same trick people use to “shoulder surf” whilst you type your PIN at an ATM.
There is no good solution other than users being vigilant when entering their passcode.
@mluisbrown @KrauseFx What the issue is, is how far you can get with a spoofed PIN code, and that you can change the iCloud password with it.
@myell0w @KrauseFx That’s a good point. Apple ought to require the existing iCloud password in order to change it 👍 Although that wouldn’t prevent users having their bank accounts emptied, it would prevent disabling Find My and locking people out of their iCloud account.
Ironically, not having a passcode at all would protect you from this, as then you do need your existing password in order to change it.

@myell0w @KrauseFx this is a workaround I’ve seen mentioned:

1. Turn on Screen Time and set a distinct Screen Time passcode.
2. Enable Content & Privacy Restrictions.
3. Within Content & Privacy Restrictions, set both Account Changes and Passcode Changes to Don't Allow.