An iPhone security setting allows miscreants and thieves to lock users out of their stolen iPhones. First reported by The Wall Street Journal, 46 years old, Greg Frasca lost access to his iPhone 14 Pro, stolen from a bar in Chicago. Thieves used his passcode to change Frasca’s Apple ID password and also enabled the recovery key to permanently lock him and prevent him from tracking them. Thieves are using the 4 or 6-digit passcode to access stolen iPhones, as had happened to 28 years old Trent as well, whose iPhone XR was stolen from a bar in Manhattan. Using the recovery key to lock out the user entirely is a new tactic to prevent tracking. Here are all details about how thieves use this feature and what exactly this feature is.
iPhone Thieves Are Using Recovery Key to Lock Users Out
According to The WSJ report, Frasca’s iPhone 14 Pro was stolen at a bar in Chicago after they observed his passcode. The iPhone was stolen to access banking and Apple Pay accounts. However, not only did thieves access his iPhone using the passcode, but they also changed his Apple ID password. They went a step further and set up the recovery key on the iPhone to prevent Frasca from tracking them down.
As is usual in such cases, Apple support is of little help to the victim. Frasca has even offered to fly down to Apple headquarters from Florida with his ID and $10,000 to get access to his iPhone back. The main reason is that the stolen iPhone 14 Pro had eight years of photos of his young daughters.
For the uninitiated, Apple introduced the lesser-known security feature called recovery key with iOS 15 and iPadOS 15. This feature lets users recover access to their Apple ID account with two-factor authentication if they forget their passcode or get locked out of the account. A 28-digit recovery key is generated when enabled, which should be kept safe to reset your password or access your Apple ID.
What many need to know is that turning on the recovery key turns off account recovery. This is a catch-22 situation, as account recovery is the process that helps you get back into the Apple account if users don’t have enough information to reset passwords. Here’s where it gets tricky: you need access to all your trusted devices and the recovery key to get back into the Apple account.
However, if you have no other trusted device other than your iPhone and no copy of your recovery key, you can’t do anything to recover the device since account recovery was already turned off. This is precisely what happened to Frasca, as thieves used his passcode to turn on the recovery key and blocked all device access and tracking access.
It’s advisable to turn on the recovery key only if you have a trusted device besides your iPhone. Even then, if you would like to have the peace of mind that comes from the added layer of security, ensure you keep a copy of the 28-digit recovery key in multiple places, including a hard copy, and also share the same with trusted family members for safekeeping. This way, you will have the key whenever you need it.