this post was submitted on 21 Jun 2023
21 points (100.0% liked)

Apple

4 readers
1 users here now

A magazine for news and discussion about a small Silicon Valley fruit company.  ### See also

founded 1 year ago
21
iOS 17 and macOS Sonoma Add Passkey to Your Apple ID (www.macrumors.com)
submitted 1 year ago by [email protected] to c/[email protected]
3 comments fedilink hide all child comments
 

Starting with iOS 17, iPadOS 17, and macOS Sonoma, users with an Apple ID will automatically be assigned a passkey, allowing them to sign into their Apple ID with Face ID or Touch ID instead of their password.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 1 year ago (1 children)

It's a hack but the work around to that is to set a screen time passcode, and disable the ability to modify the account in content and privacy restrictions. Setting this passcode to something other than your main code should help against those who know/spy upon your main code.

Since I can't think of a reason you'd be constantly accessing your iCloud account info - especially in public - this isn't that much of an inconvenience, and limits anyone's ability to discover this code.

The only issue is remembering to re-enable the content restrictions when you're done with whatever you needed to unlock it for. But the same can be said for any manual lock.

[–] [email protected] 2 points 1 year ago

Sad news: ATP shared the same trick a few months ago and received feedback that it's easy to work around:

Multigreg writes, I set a screen time restriction with the passcode, without the option to remove it using the Apple ID. I tapped cancel and hit skip. When I try the forgot passcode link, it still guides me through the options to enter my Apple ID or device password or find a forgotten Apple ID…

So the mitigation that we said last time, that specific one about the screen time password, if you did that on your phone, just remove it because it's not actually helping. I mean, I don't know if you want to remove it because it will slow them down. It will slow down the thief a little bit because now they have to go through the forgot password flow, which is kind of annoying. And you know, so it's a speed bump, a tiny speed bump, but that's about it.

AFAIK the best advice we can give people is to set a strong device passcode and never use it in a public space. Always use FaceID, and have "Require Attention" toggled on.