Many users wonder how to change password iCloud if your iPhone has been stolen. In this title we help you on this basis of cybersecurity. And, some time ago, technology journalist Joana Stern already emphasized that the standard iPhone PIN can lead to thieves stealing your entire digital life in a short time. Something that not only applies to the iPhone. The journalist specialized in Android Mishaal Rahman revealed that Android was equally unprotected: the PIN is enough to change the passwords of your Google account.
Assuming that you do not save passwords in iCloud Keychain, we have tried to replicate the experiment on iPhone and discovered that It took me less than a minute to change my Google password.
The PIN is the Trojan horse
Background. Joana Stern focuses on something key to this issue, the PIN, which By default it is four digits to choose between 0 and 9. Guessing the PIN can take time, but in the scam that I described for the Wall Street Journal, the thieves were a group of two or three people who, in a public space, used any pretext to get you to unlock your phone. After all, it is not unusual for us to be on the street or in waiting rooms with the iPhone in hand.
Although it is true that The PIN coexists with Face ID, there are times when we directly opt for the numerical code: because you’re wearing non-polarized sunglasses or a big scarf or similar, weird angles… or simply because it’s slower. You type the PIN without worrying too much, but there are eyes waiting behind you to memorize the sequence and it is not very difficult to retain it the first time. But if this is not the case, they might offer to take a photo to accidentally turn it off so you have to put it back in a second time. They already have the PIN.
Then you just have to steal your iPhone and, with the PIN, change the Apple ID password, the iCloud passwords if you have them activated, and Apple Pay. Stern explains in his report that with three minutes spent on someone else’s iPhone, they had already entered the victim’s iPhone 13 Pro and within 24 hours his bank accounts were empty. After reading so many Apple products, you might think that it rains less on Android.
However, Mishaal Rahman put on the table that also with Android using the PIN it is possible change your Google password and with it, have access to everything you use through it: emails and confidential information, documents, etc.
I’m not kidding. If a thief knows the passcode for your Android phone, THEY CAN CHANGE YOUR GOOGLE ACCOUNT’S PASSWORD. I just had to go to Settings > Google > Manage your Google Account > Security > Password > Forgot password > Use your screen lock > Tap YES on phone or tablet.
— Mishaal Rahman (@MishaalRahman) February 25, 2023
So leaving aside the fact that Apple ID is the key to information and assuming that we do not have functions such as keychain active, we have decided with an unlocked iPhone to try to change the Google password. Not only have we done it, but it has taken us less than a minute.
How to change your Google password if your iPhone has been stolen
It doesn’t matter if you access Gmail through the browser or through the application, the first thing of all will be to log out so that later, when trying to log in, the following message appears:Have you forgotten the password?‘ and let’s press yes to try to recover it.
Google is going to offer you different ways to recover your password, but some interest you more than others. For example, he has offered to send a message to my other phone or my iPad but I have told him that I cannot access these devices. In fact, if you say you can’t, the process is closed. No problem: you can repeat it immediately afterwards, until it appears in your Google application (which in my case I have installed on my iPhone) or the best: a message or call to your phone number. Once you can confirm that it is you, it allows you to change the password. I only needed the phone unlocked and operational.
After Joana Stern’s report and Mishaal Rahman’s turn, both contacted Apple and Google respectively, telling them what happened and offering suggestions to strengthen security.
Thus, while a Google spokesperson responded that:
Our login and account recovery policies try to strike a balance between allowing legitimate users to retain access to their accounts in real-world scenarios and keeping bad actors out.
Apple claimed to be working on it:
We sympathize with users who have had this experience and take all attacks on our users very seriously, no matter how rare… we will continue to improve protections to help keep user accounts safe.
Minimize risks by changing this option
While waiting for Google and Apple to take action on the matter, the best thing we can do as users is leave the PIN behind in favor of the alphanumeric code, which is longer and has more characters. Yes, it will cost you more to learn it, but the combinations increase and it will not be so easy to stick with it at the first change.
To carry it out, follow these steps:
- Go into ‘Settings’ and go down to the section ‘Face ID and code’.
- There you will have to enter your current code, scroll down and tap on ‘Change code’.
- Again, it will be necessary to enter the current code. Now tap on ‘Code options’ pto choose between three options: ‘Custom alphanumeric code’, ‘6-digit numeric code’ and ‘CóI say 4-digit numeric’.
- If you are looking for the highest possible security, select ‘Custom alphanumeric code’.
Montage with Fliker photo and own screenshot.