Other Surprised Apple Promotes Lock Screen Access. Consider turning it off for your safety

[Apple_Robert]

I am a fan ( in general) of Apple’s focus and overall stance for customer privacy and security. It is one of the major reasons why I stay in the orchard.

I am surprised that Apple continues to promote the idea, function, and use of lock screen access for Today View, Notification Center, Control Center, Siri, Reply with Message, and Home Control.

I am more surprised (well, maybe not) that many here use, and have become dependent on this security risk feature that is turned on by default by Apple.

If you fall into this category, I strongly encourage you to rethink using this risky feature.

Should your phone ever best lost, stolen, left on the desk at work, (even with you there) or laying around the house for kids, neighbors or guests around, you are opening yourself up (unnecessarily) for potential personal and very sensitive information being seen and falling into the hands of those who would do you harm, whether by theft, iD fraud, addresses and numbers of not just you and family, but friends and anyone else you have been in contact with on your phone, including medical and financial information.

You don’t need kids, nosey coworkers and strangers being able to see information that constantly pops up on your lock screen, especially when it wasn’t meant for them to see.

There are a lot of bad things that can happen by keeping this feature enabled. Please consider turning it off, before you find yourself in big trouble.

 

[TechLord]

When a notification comes up on my lock screen I can only see it after face ID/typing in my pass code. Unless I am doing something wrong I don't think anyone else could walk by and see any personal info like that.

 

[EM2013]

? I don’t get it.

If you lose your phone no one can access your notifications. Notifications can not be seen or interacted with until you unlock your phone.

 

[Apple_Robert]

When a notification comes up on my lock screen I can only see it after face ID/typing in my pass code. Unless I am doing something wrong I don't think anyone else could walk by and see any personal info like that.

If you haven’t turned off lock screen access via settings > passcode > Allow Access When Locked toggles, a person can easily see and read mail notifications, iMessage, pictures and other areas I listed while the phone is locked.

 

[Jtludwig]

If you haven’t turned off lock screen access via settings > passcode > Allow Access When Locked toggles, a person can easily see and read mail notifications, iMessage, pictures and other areas I listed while the phone is locked.

These options don’t seem so bad. Can you further explain?

 

[TechLord]

If you haven’t turned off lock screen access via settings > passcode > Allow Access When Locked toggles, a person can easily see and read mail notifications, iMessage, pictures and other areas I listed while the phone is locked.

I just tested it with a text notification. And if I press on it while locked, I need to enter either face ID or my passcode to actually see the message, the same with other notifications. When I try to open photos through the camera, it comes up again with the face ID requirement. Basically, it'd be impossible for a stranger to access any of this unless they knew your passcode, so this seems like a false alarm.

 

[JagRunner]

No one can see my notifications until I unlock it via Face ID.

 

[Apple_Robert]

These options don’t seem so bad. Can you further explain?

Hypothetical:

You are at work and leave your phone on your desk for a few minutes while you walk down the hall to talk to a coworker for a minute. While you are away from your desk, another coworker travels by your desk and sees you got a text from someone he or she knows as well. With the toggles on, said person can see the information (maybe not all of it) from the notification that wasn’t meant for them, which said person tries to use against you or manipulate you with.

if a stranger or even family member (kid) had quick access for a few moments, they could have temporary access to pictures and other notifications received while the phone has been locked.
[automerge]1589156432[/automerge]

No one can see my notifications until I unlock it via Face ID.

On my new SE, I turned on today view just now, and I can see all that is on it, without having entered my passcode or used Touch ID, while the phone is still locked.

There is a reason that group of toggles are labeled the way they are. A person may not have full access each toggles when locked or fully see all that is on a mail or iMessage notification but, with the toggles on, a person does have some access to see information one may not want another to see. It is a real security risk.

i am not here to argue but inform people about the risk of the default us of said toggles by Apple.

 

[JagRunner]

Hypothetical:

You are at work and leave your phone on your desk for a few minutes while you walk down the hall to talk to a coworker for a minute. While you are away from your desk, another coworker travels by your desk and sees you got a text from someone he or she knows as well. With the toggles on, said person can see the information (maybe not all of it) from the notification that wasn’t meant for them, which said person tries to use against you or manipulate you with.

if a stranger or even family member (kid) had quick access for a few moments, they could have temporary access to pictures and other notifications received while the phone has been locked.
[automerge]1589156432[/automerge]

On my new SE, I turned on today view just now, and I can see all that is on it, without having entered my passcode or used Touch ID, while the phone is still locked.

Maybe there is a setting you are missing...because if my phone is locked and I get a notification from say the Mail app, it will just say "MAIL" or something like that. It won't tell me any other details about it until I look at the phone and unlock it.

 

[TechLord]

Ok I've realised what the op is talking about, but it's only relevant to older Iphones. On my Iphone 11, Imessage and other apps can only be previewed after unlocking the phone with faceID or passcode, and this is the default setting found under notifications>show previews>when unlocked. On my iphone 8 and my sisters 6s however, it is on show previews>always by default.

So the solution if you're on an older iphone, is to go to notifications and change show previews to "when unlocked" instead of always.

 

[chabig]

But isn’t the default to not show the message unless the phone is unlocked?

Settings > Notifications > Show Previews

 

[TechLord]

But isn’t the default to not show the message unless the phone is unlocked?

Settings > Notifications > Show Previews

On my Iphone 11 it is, but on my 8 it seems to be on always by default. It must of been a default setting apple added to later models.

 

[gaanee]

It's s fine balance between convenience ease of access to glance your notifications and security and that's why Apple gives you the option to turn it off. Seems like iPhones with FaceID don't display the content until you authenticate but that's not the case with TouchID based iPhones.
[automerge]1589157344[/automerge]

 

[Apple_Robert]

Ok I've realised what the op is talking about, but it's only relevant to older Iphones. On my Iphone 11, Imessage and other apps can only be previewed after unlocking the phone with faceID or passcode, and this is the default setting found under notifications>show previews>when unlocked. On my iphone 8 and my sisters 6s however, it is on show previews>always by default.

So the solution if you're on an older iphone, is to go to notifications and change show previews to "when unlocked" instead of always.

On my new SE, I had to turn off show previews for mail, messages, along with the other toggles etc. because you would see partial or full data from the locked state. The toggles were on by default.

A person can access control center as well from locked state with the toggles on. If one has music in the center, it can be played, pictures taken etc.

 

[russell_314]

By default Apple went for convenience with still some security. If you're going to sit your phone down where your wife will see texts from your girlfriend then it's always a good idea to lock it down. Siri reads my texts through AirPods even though the phone is off. That's great so when I'm driving I can still hear and reply to texts. With some people this might be a risk.
[automerge]1589158547[/automerge]

On my new SE, I had to turn off show previews for mail, messages, along with the other toggles etc. because you would see partial or full data from the locked state. The toggles were on by default.

A person can access control center as well from locked state with the toggles on. If one has music in the center, it can be played, pictures taken etc.

So if someone steals my phone that can listen to my terrible music while taking selfies LOL

 

[Jtludwig]

By default Apple went for convenience with still some security. If you're going to sit your phone down where your wife will see texts from your girlfriend then it's always a good idea to lock it down. Siri reads my texts through AirPods even though the phone is off. That's great so when I'm driving I can still hear and reply to texts. With some people this might be a risk.
[automerge]1589158547[/automerge]

So if someone steals my phone that can listen to my terrible music while taking selfies LOL

I’ve also heard that it’s iPhones, not 5g, that is responsible for the coronavirus.

 

[russell_314]

I’ve also heard that it’s iPhones, not 5g, that is responsible for the coronavirus.

If that's the case I'm in trouble LOL

 

[glenthompson]

On my XR a notification shows minimal information on the lock screen. If the Face ID recognizes me it will show the unlock symbol at the top but stay in the unlock screen until I swipe up. When it unlocks it also displays the content of the notification.

To the OP I suggest trying it with Face ID turned off and see what you get. Or you can cover the camera at the top and see what the notifications shows.

 

[EM2013]

You can only see notifications

If you haven’t turned off lock screen access via settings > passcode > Allow Access When Locked toggles, a person can easily see and read mail notifications, iMessage, pictures and other areas I listed while the phone is locked.

No one can view any notifications with those toggles on. To interact with any notification you need Touch ID or Face ID.

With Touch ID if you use your recorded fingerprint on the home button to wake your device, then it automatically unlocks. Hence why you can see and interact with notifications.

With Face ID it automatically unlocks if it recognizes your face and you can see and interact with notifications.

If Touch ID or Face ID is not recognized then it will not let you see or interact with them.

 

[Phone Junky]

On my XR a notification shows minimal information on the lock screen. If the Face ID recognizes me it will show the unlock symbol at the top but stay in the unlock screen until I swipe up. When it unlocks it also displays the content of the notification.

To the OP I suggest trying it with Face ID turned off and see what you get. Or you can cover the camera at the top and see what the notifications shows.

OP's phone doesn't have FaceID.

 

[gaanee]

That maybe the case, I just checked under Notifications changed Show Previews from Always to When Unlocked and it doesn't display the content of email/message, however it does show who is it from.
On TouchID iPhones there isn't a way to authenticate while still being on the lockscreen, when you place your registered finger on the Home Button, it will unlock the iPhone.

You can only see notifications

No one can view any notifications with those toggles on. To interact with any notification you need Touch ID or Face ID.

With Touch ID if you use your recorded fingerprint on the home button to wake your device, then it automatically unlocks. Hence why you can see and interact with notifications.

With Face ID it automatically unlocks if it recognizes your face and you can see and interact with notifications.

If Touch ID or Face ID is not recognized then it will not let you see or interact with them.

 

[EM2013]

That maybe the case, I just checked under Notifications changed Show Previews from Always to When Unlocked and it doesn't display the content of email/message, however it does show who is it from.
On TouchID iPhones there isn't a way to authenticate while still being on the lockscreen, when you place your registered finger on the Home Button, it will unlock the iPhone.

It has always shown who the message is from, there’s no way to hide that unless you turn off notifications from showing on the lock screen completely.

When I had an iPhone 8 you could press the home button to view your notifications without going to the home screen. I believe there used to be a setting for that but I don’t remember.

 

[Capeto]

But isn’t the default to not show the message unless the phone is unlocked?

Settings > Notifications > Show Previews

As others have said, it is for FaceID phones, but not for TouchID phones.

You can always set notification previews off when locked for either individual apps (banking, email, messages, etc.) or across the board, but I personally don't mind if someone sees I got a text message. I got my work email with previews off just to be on the safe side.

Everything else, at least in my case (I have a TouchID phone), is not really important if someone gets access to it. Let me go through it:

Today View: Mostly my calendars, to-do's, habit trackers, and battery info. Nothing personal or compromising there.
Notification Center: Already stated above, turn off notification previews for notifications from apps you're not comfortable others seeing.
Control Center: I guess someone could turn off Wi-Fi and cellular from here - a potential thief could use this to make the phone harder to track, but then again they could just turn the phone off from the Lock Screen and there's no option to prevent that (!).
Siri: Anything that involves app access will have Siri request you to unlock your phone.
Reply with Message: Don't really care, best case scenario I'm able to text my lost phone and if it's found by a kind soul they can text/call me back.
Home Control: They can see which HomeKit accessories you have, but it still requests you unlock your phone to interact with those accessories. Personally I only have smart lightbulbs, so not a big deal for me; might be different if you have security cameras or something.
Wallet: They can see which cards you have (doesn't show credit card numbers), but still requires unlocking to use NFC cards. My Starbucks card is there with a QR code though, but I rarely have over $10 on it. Not a bad idea to turn it off, especially if you have Wallet on an Apple Watch.
Return Phone Calls: Same point as Reply with Message.
USB Accessories: Off by default, should be kept off for safety.
Camera: You can't access pictures in your Photo galleries while the phone is locked, you can only see the pictures you took while the camera was locked.

Personally I think OP is making mountains out of molehills.

 

[deathracer]

Hi, new user here. I found this post while researching an incident that happened to me while on a day bicycle trip caused by my lock screen. (in a way)
Upon returning home, all smart thermostats in my main floor of my home were on full (30deg C) in summer for the last 8 hours.
Cause/theory:
- my iPhone 12 Pro was set to "tap to wake" and "raise to wake", so I assume my iPhone screen woke up in my bicycle bag while riding
- I assume my iPhone rubbing against my jacket interpreted a touch and hold on top right to open up my lock screen
- I had "Home Control" thermostats viewable on my lock screen
- I assume my iPhone rubbing against my jacket adjusted my main floor zone heaters to full

@ Capeto, re: "Home Control: They can see which HomeKit accessories you have, but it still requests you unlock your phone to interact with those accessories."
>I had a friend test this and they were able to change my thermostats, so a passcode is not required to change thermostats from the lock screen.

I have since removed Home controls from my lock screen and disabled "tap to wake" and "raise to wake"

 

[xxray]

I’m with you. One thing I didn’t realize until I saw a tiktok about someone phone being stolen, I never considered how dangerous it is to have control center available even while unlocked. If the phone gets locked, the thief can just turn on airplane mode, making it more difficult for your phone to be found. I’ve turned off that access since then.