Site icon The IT Nerd

When Your iPhone Is Password Protected, It Actually Isn’t Protected…. WTF?


As if Apple needs another issue with one of it’s products comes the news (via Gizmodo, and The Register) that the password protection on the iPhone isn’t actually protecting the info on your iPhone. According to Gizmodo, the way to bypass password protection goes something like this:

First, password protect your phone and lock it. Then slide to unlock and do this:

1. Tap emergency call.
2. Double tap the home button.

Done. You are now in your favorites. This seems like a feature, because you may want to have emergency number in your favorites for quick dial. The security problem here is double. The first: anyone picking up your phone can make a call to anyone in your favorites. On top of that, this also opens access to your full Address Book, the dial keypad, and your voice mail.

If that wasn’t bad enough, the second one is even worse: if you tap on the blue arrows next to the names, it will give you full access to the private information in a favorite entry. And it goes downhill from there:

• If you click in a mail address, it will give you full access to the Mail application. All your mail will be exposed.
• If there’s a URL in your contact (or in a mail message) you can click on it and have full access to Safari.
• If you click on send text message in a contact, it will give you full access to all your SMS.”

That’s pretty lame. I’m sure that’s going to inspire confidence with all the corporate types that Apple wants to sell the iPhone to. Apple fanbois on the Interweb are already discussing this at length. Just look at this thread at for an example.

There is a workaround however. According to Gizmodo, all you need to do is this:

1. In the iPhone home, go to Settings.
2. Click on General.
3. Click on Home Button.
4. Click on either “Home” or “iPod”.

I sense a 2.0.3 update coming really soon now as this is something that should not have slipped through and made it out to the world. I also sense a bunch of heads rolling in Apple’s QA department because of this.

Exit mobile version