top | item 34986443 (no title) pain2022 | 3 years ago The problem is that one can change Apple ID password knowing only the pincode. No old password asked. This gives thief a full control of Apple IDSettings -> Apple ID (top panel with name) -> Password&security -> Change password discuss order hn newest N_A_T_E|3 years ago Wow, I just tried and it’s very easy. Seems like a huge miss of privilege escalation allowing someone with the pin and phone to escalate to full password. This should require the old password or more steps. vucetica|3 years ago Someone on a different thread suggested to use the screentime (with a different passcode) and disable icloud settings. Works like a charm.
N_A_T_E|3 years ago Wow, I just tried and it’s very easy. Seems like a huge miss of privilege escalation allowing someone with the pin and phone to escalate to full password. This should require the old password or more steps.
vucetica|3 years ago Someone on a different thread suggested to use the screentime (with a different passcode) and disable icloud settings. Works like a charm.
N_A_T_E|3 years ago
vucetica|3 years ago