How to Unlock Your iPhone If You Forget Your New Passcode

[MacRumors]

In iOS 17, if you change your iPhone's passcode and forget it soon after, Apple offers you a 72-hour grace period to fix it without getting locked out of your device. Here's how it works.

In iOS 17 and iPadOS 17, it is now possible to reset an iPhone or iPad's new passcode with the previous passcode you used for up to three days after the change is made. In other words, Apple lets you use your old passcode within 72 hours of setting a new one, which is handy if you're someone who is likely to forget a newly created passcode.

When you enter an incorrect passcode on a device running iOS 17 after making a change, simply tap on the Forgot Passcode? option at the bottom of the display to use the Try Passcode Reset option. Tapping it allows you to use your old passcode to create yet another new passcode.

For protection in case someone has learned your passcode, there is also an "Expire Previous Passcode Now" setting that you can make use of. (Note that if you use this option, you'll no longer be able to use your old passcode to gain access to your device if you forget your new passcode.) To use the new option in iOS 17, follow these steps:

1. Open Settings.
2. Scroll down and select Face ID/Touch ID & Passcode.
3. Under "Temporary Passcode Reset," tap Expire Previous Passcode Now.
4. Tap Expire Now to confirm.

It is still possible to change an Apple ID account's password with an iPhone's passcode, despite a Wall Street Journal report in February highlighting instances of thieves spying on iPhone users in public when they enter their passcode, and then stealing the device in order to gain widespread access to the device.

Apple's software engineering chief Craig Federighi in June 2023 said Apple has continued to "look at other ways to address this," but no changes have been made as of yet. To make theft harder, Apple recommends that users switch from a four-digit passcode to an alphanumeric passcode, which would be more difficult for thieves to spy on. This can also be done in Settings under Face ID & Passcode -> Change Passcode.

Article Link: How to Unlock Your iPhone If You Forget Your New Passcode

 

[iFishishh]

They should add ways to see your phone screen on other devices. That way if you get the black screen of death from say water damage or the like, you can back up your data if you haven’t previously.

 

[JapanApple]

People do it, nice option. Unless your ex-partner gets your device and you change the code. But they can use old within the time frame.

 

[beanbaguk]

People do it, nice option. Unless your ex-partner gets your device and you change the code. But they can use old within the time frame.

You have bigger problems if your ex-partner can get hold of your phone!

ETA: @TechnoMonk is one of those ex-partners… 🤣

 

[jlc1978]

I went with an alpha numeric passcode for heightened security. I’ve at least been able to convince family members to go to 6 digit and not use 000000. I suspect most folks do not realize the potential dangers from a lost phone and easily guessed passcode.

They should add ways to see your phone screen on other devices. That way if you get the black screen of death from say water damage or the like, you can back up your data if you haven’t previously.

I suspect most damage that causes a black screen would mean an external connection would not work either. Would be useful for cracked or damaged but powered on screens.

I am surprised by how many people simply never backup their phones; yet their entire lives a run on it. If you don’t trust the cloud at least backup to a computer. What would be nice is Time Machine for iOS/iPadOS.

 

[jaworq]

It is still possible to change an Apple ID account's password with an iPhone's passcode, despite a Wall Street Journal report in February highlighting instances of thieves spying on iPhone users in public when they enter their passcode, and then stealing the device in order to gain widespread access to the device.

Apple's software engineering chief Craig Federighi in June 2023 said Apple has continued to "look at other ways to address this," but no changes have been made as of yet. To make theft harder, Apple recommends that users switch from a four-digit passcode to an alphanumeric passcode, which would be more difficult for thieves to spy on. This can also be done in Settings under Face ID & Passcode -> Change Passcode.

Article Link: iOS 17: How to Change a New iPhone Passcode If You Forget It

The biggest mistake is 4/6-digit passcode required to change the iCloud password... WTF. Current iCloud password should be provided to change the password. We can remember and/or store such password in some other place than Settings > Passwords and voila. Thief is no longer able to log us out from our iCloud by changing the password.

 

[TallGuyGT]

The biggest mistake is 4/6-digit passcode required to change the iCloud password... WTF. Current iCloud password should be provided to change the password. We can remember and/or store such password in some other place than Settings > Passwords and voila. Thief is no longer able to log us out from our iCloud by changing the password.

This! It's crazy you don't have to enter the current password to change it. That is just basic security.

 

[Jackbequickly]

You should never use your passcode in public! FaceID is way better.

 

[JapanApple]

You have bigger problems if your ex-partner can get hold of your phone!

Oh sure so true. But really you really need to keep In consideration The reason I say this is because my sister’s child had two iPhones stolen from her within a year. And the people that took Them knew her

 

[jlc1978]

The biggest mistake is 4/6-digit passcode required to change the iCloud password... WTF. Current iCloud password should be provided to change the password. We can remember and/or store such password in some other place than Settings > Passwords and voila. Thief is no longer able to log us out from our iCloud by changing the password.

If your device is stolen or lost and you have an easily guessed password, as a trusted device you do not even need the device password as iCloud will recognize the device and allow pw changes, if I recall correctly.

From a security standpoint, one issue I see is most people do not understand all the ways access to info, nor the amount and type of info, can be obtained once you have the device. As a result, to avoid foregting the device pw, they choose a pw that is easily guessed.

 

[iHorseHead]

My passcode is my DOB.

 

[Arran]

Seems geared towards corporately owned/managed phones. For example: Employer requires everyone change their passcode every month (for example). Users keep getting locked out because they can't remember their new passcode. Seems like a "fix" for that problem.

Aside from that, how often does everyone else change their passcode? It seems like something you'd do only if your passcode becomes public. In which case, you'd disable the 3-day grace period. So no benefit there.

 

[StuBeck]

This seems like an issue which was solved before it became an actual problem. If I'm changing my passcode, there is a reason, I don't need the increased security risk of having two passcodes for a few days.

 

[johnnyjibbs]

Terrible idea. Means that if your passcode is compromised (it can easily happen) your phone (including iCloud account password!!) is not secure for another 3 days after you change it.

I guess I’ll be changing the password twice in succession if this happens but most people won’t.

I still find it absolutely incredible that Apple only requires the passcode to change your iCloud password on the device and why they have still not addressed this huge security vulnerability with the very simply and obvious solution.

 

[steve09090]

This seems like an issue which was solved before it became an actual problem. If I'm changing my passcode, there is a reason, I don't need the increased security risk of having two passcodes for a few days.

Do people not actually read the article? You can cancel using the expired password.

For protection in case someone has learned your passcode, there is also an "Expire Previous Passcode Now" setting that you can make use of. (Note that if you use this option, you'll no longer be able to use your old passcode to gain access to your device if you forget your new passcode.) To use the new option in iOS 17, follow these steps:

1. Open Settings.
2. Scroll down and select Face ID/Touch ID & Passcode.
3. Under "Temporary Passcode Reset," tap Expire Previous Passcode Now.
4. Tap Expire Now to confirm.

 

[cocky jeremy]

How do you manage to forget a passcode? People pick up their phones all day long and enter it. How do you just.. forget?

 

[Verified Whiskey]

The biggest mistake is 4/6-digit passcode required to change the iCloud password... WTF. Current iCloud password should be provided to change the password. We can remember and/or store such password in some other place than Settings > Passwords and voila. Thief is no longer able to log us out from our iCloud by changing the password.

Isn’t the whole point of changing your iCloud password… because you forgot your iCloud password? Meaning you wouldn’t be able to type in your old on to change it?

 

[StuBeck]

Do people not actually read the article? You can cancel using the expired password.

I did. A feature I have to turn off is a security risk. It should be a feature that needs to be turned on to use. This will be changed at some point to be an option you have to turn on rather than turn off.

 

[supremedesigner]

You should never use your passcode in public! FaceID is way better.

Using an Apple Watch to unlock your iPhone is a better alternative.

 

[supremedesigner]

How do you manage to forget a passcode? People pick up their phones all day long and enter it. How do you just.. forget?

Don't forget Ten Second Tom 🤣

 

[Blackstick]

Hopefully MDM tools will be able to disable this feature. Corporate security teams aren’t gonna like this one.

 

[iFishishh]

I went with an alpha numeric passcode for heightened security. I’ve at least been able to convince family members to go to 6 digit and not use 000000. I suspect most folks do not realize the potential dangers from a lost phone and easily guessed passcode.



I suspect most damage that causes a black screen would mean an external connection would not work either. Would be useful for cracked or damaged but powered on screens.

I am surprised by how many people simply never backup their phones; yet their entire lives a run on it. If you don’t trust the cloud at least backup to a computer. What would be nice is Time Machine for iOS/iPadOS.

Im assuming you're projecting here, my entire life does not indeed hinge on whether or not my phone is backed up to the cloud. I managed to make it for 3 weeks or so without it and it was quite refreshing.

In terms of backup, my free iCloud backup was full. So as of late, my photos, voice memos and voicemails weren't synced. Other than that everything else was backed up. On that note, I refuse to pay for the cloud when I really don't need it. I back up my photos on an external hard drive every few years. It just so happened that I didn't back it up before it took water damage. (yet apple claims water resistance up to 3 meters for 30 mins 🐂💩)

In my case the phone functioned as normal besides the screen. I could charge it, it would ring and i could make calls through other devices. However when I reset it, i was unable to enter my passcode afterwards and lost all of those functions besides receiving calls. Face ID was shot as well.

It's a simple precautionary measure I think that Apple overlooks but could be very beneficial and welcomed by the Apple community. Especially with 2 factor login as a norm now days all "texted" login codes were out the window until I got a loaner iPhone just yesterday.

Again a simple "screen mirror" option from the desired display device would be welcomed. In my case my iPad or mbp would have solved any issues but unfortunately you can only initiate a screen share from the projecting device not the receiving one. It does seem with this passcode feature that Apple is looking to expand on ways users can get back into their devices after user errors. My qualm may fall on deaf ears but you heard it here first lol

 

[Mr. Heckles]

The biggest mistake is 4/6-digit passcode required to change the iCloud password... WTF. Current iCloud password should be provided to change the password. We can remember and/or store such password in some other place than Settings > Passwords and voila. Thief is no longer able to log us out from our iCloud by changing the password.

The should make it so the people using security keys to secure their Apple ID, need the security key to change the Apple ID password also.

How do you manage to forget a passcode? People pick up their phones all day long and enter it. How do you just.. forget?

How? You change it because you think someone knows your passcode, and change it, draw a blank, and forget the new one.
If you change your passcode to your phone, you’re not picking up your phones all day and enter it, it’s new.

 

[steve09090]

I did. A feature I have to turn off is a security risk. It should be a feature that needs to be turned on to use. This will be changed at some point to be an option you have to turn on rather than turn off.

I can’t answer for Apple, so I won’t state what I am saying as fact, as you appear to be doing, but I’d suggest this is meant for the average person who gets locked out by forgetting passwords. Not knowing, but making an assumption; Apple would have the figures of a vast number of people who don’t use iCloud for backup (which is a choice on setup) who forget their passwords, and want to somehow gain access to their data.

It’s a simple switch that can save someone’s data. Fortunately, you are now aware of this decision (if it is actually going to be toggled on by default in the final version) and you’ll know to make the settings changes along with any other of the multitude of choices you’ll have to make when installing the first full release of iOS17. So unless you forget about this article, it is no longer a security threat to you. Will you actually turn it off though? I’ll leave it on because I’m not paranoid about someone trying to access my iPhone and somehow knowing my password known only to my wife and I.

 

[oneMadRssn]

They should add ways to see your phone screen on other devices. That way if you get the black screen of death from say water damage or the like, you can back up your data if you haven’t previously.

You can with a Lightning or USB-C (whichever is applicable) to HDMI adapter. It basically mirrors what is on your display to a TV or monitor. However, while you can see your phone screen, you cannot input touch commands to it. So if the digitizer is broken, then you're sol.