Report from The Wall Street Journal Last week he sounded the alarm about a clear, but scary issue on the iPhone that would allow a criminal to take control of an Apple account. But this is not something exclusive to iOS. Your Google account can be compromised if a criminal steals your Android phone and its PIN, but there are ways to protect yourself.
Last week WSJ The report cites cases where iPhone owners have had their iPhones stolen, only to later find that their Apple accounts have been compromised, passwords have been changed, and additional accounts – including bank accounts – have also been compromised. These are not advanced cases of hacks, but rather basic security measures. By using a PIN on an iPhone, a criminal who steals it can change the account’s password and access other accounts, all without knowing the owner’s password.
how? On iOS, phone users can use their phone’s PIN to change the password to their Apple ID, and getting the PIN is as simple as watching the phone user enter the code, or tricking the phone user into sharing their PIN.
Price WSJ Joanna Stern used the example of “a late-night pub filled with teenagers, where predators befriend victims and get them to reveal their passcodes” as a scenario where this could happen. And what’s more, some of these criminals have activated Apple’s First Key feature, which effectively locks users out of their accounts without stealing the iPhone.
Related: Apple should invest in anti-theft security features for iPhone and iPad
Unfortunately, this can happen on Android phones, because the PIN is the only thing required to change the Google account password.
Mishaal Rahman explained how this works on Twitter, with an option in the Google account settings to use the Android phone’s screen lock to change the account password. Google allows this when the password change request comes from a device that “belongs to you,” but there is no more authentication than your PIN. Google’s system, in particular, first prompts you to enter your current password first, but using the “forgot password” option allows you to use your PIN instead.
This is obvious about it, because it means that a stolen phone can mean losing access to your Google account and much more, but it was noted in the report that the main target of such an operation is similar to iPhones, as they used to hold. highest resale value in America. Apparently, 99% of the cases seen by a detective were iPhones.
In a statement to WSJA Google spokesperson said:
Our access and account recovery policies attempt to strike a balance between allowing legitimate users to maintain access to their accounts in real-world situations and preventing bad actors.
So even if this is not the case in Android, what can you do to protect your phone, and your account?
For one, you can also stick to using biometrics – like fingerprints – to avoid snooping eyes from seeing your PIN in person.
It would also not be a bad practice to avoid saving important information on your device, such as in the note application or photo library. This can include social security numbers, passport photos, or other forms of ID, as these criminals can do more damage if they have easy access to this information.
Next, you can strengthen your phone’s protection. By default, Android only asks for a four-digit PIN, but you can make it longer. Pixel phones support PIN codes as long as 17 digits. Android’s unlock system is also difficult for someone to steal by scanning, and you can use a complete password to make complex numbers.
Other ways to keep apps safe may include turning off biometric/PIN access for those apps, or at least making those codes different from the ones used to unlock your phone. A dedicated password manager can also go a long way over using the one built into your device.
Another option is to use Google’s “Advanced Protection” option. This blocks the ability to change the password using a PIN, but requires the use of two physical security keys.
More on Android:
FTC: We use automatic income affiliate links. Cane.
Check out 9to5Google on YouTube for more stories:
#iPhone #stolen #Android #phones #PIN #change #Google #account #password