Remember the wave of iPhone thefts over the last year where thieves observed owners entering their passcode, then stole the device, quickly changed the person’s Apple ID password, and disabled Find My? In response to this, Apple recently introduced Stolen Device Protection, included as part of iOS 17.3.

Part of the problem has been that iPhone makes it really easy to change one’s secure logins as well as access saved passwords. The iPhone passcode is the only barrier standing in the way of these private details. Even if you have Face ID or Touch ID enabled, you can generally use the passcode as a fallback.

What is Stolen Device Protection?

According to Apple, Stolen Device Protection increases the security of iPhone and Apple ID by requiring Face ID or Touch ID to perform certain actions, with no passcode fallback.

So, as I discussed in my article, Up Your Security, it’s important to drop any qualms about biometric authentication and use the one your device supports.

Enable Protection

Assuming you meet the prerequisites, iPhone makes it super easy to enable Stolen Device Protection. On an iPhone running iOS 17.3 or later, open Settings and tap Face ID & Passcode or Touch ID & Passcode, depending on your device. After entering your passcode, scroll down about halfway.

You’ll see Stolen Device Protection and its current status (On or Off). When you toggle this setting on, biometric authentication is required to access certain data and Apple institutes a one-hour delay that prevents quick changes to security settings.

For example, you cannot immediately change the Apple ID password, change the iPhone passcode, or disable Stolen Device Protection, among others. After the delay, the device additionally requires a second biometric scan.

What is Familiar?

In the initial release of Stolen Device Protection, you can only bypass the restrictions by being located in a “familiar location.” This is usually your home, work, and other places where you frequently use your iPhone. However, you have no control over what iPhone deems familiar.

As a workaround, once protection is enabled, it’s possible to disable Significant Locations in Settings > Privacy & Security > Location Services > System Services. Then, the only way to turn off Stolen Device Protection is using Face ID or Touch ID, no matter where you are.

Fortunately, iOS 17.4 will improve this feature with a choice to require the security delay when Away from Familiar Locations or Always. Hopefully, this is only a holdover until such time as Apple implements a way to specify or review significant locations to be included or excluded from this feature’s awareness.

I encourage you to utilize the security features of your iPhone and enable Stolen Device Protection. Additionally, if your device offers Face ID, make sure to set it up with all of your appearances, including while wearing a mask (on iPhone 12 and later), so you can minimize entering your passcode in public.