Recently, a new iPhone 6S/ 6S Plus flaw has surfaced on the internet. It allows handlers to bypass your passcode. This bug is similar to the previous flaws that we have seen in the past on Apple iOS devices. The chances of this happening to your iPhone 6S are slim, so you don’t need to be overly alarmed.
The flaw is present in the latest iOS 9.3.1 update. Thankfully, there are some possible ways available through which you can protect your iOS device. We are going to discuss how you can protect your iPhone 6S in this article. Luckily the bypass only works on the iPhone 6S and the iPhone 6S Plus. This is because these two devices feature the 3D Touch, which is used in this bypass trick.
How to test the passcode bypass:
To test the passcode bypass, follow the steps listed below:
- Lock your iPhone.
- Invoke Siri by saying “Search Twitter”.
- When asked what to search say; “at-sign Gmail dot com” (Or any other popular email domain).
- Once the search results are displayed tap on a valid email address.
- To bring up the contextual menu, 3D Touch the email address.
- Tap Create New Contact, then add the photo. This will allow you to view photos on your device. You may be prompted to give Siri access to the Photo Library.
- By tapping the Add to Existing Contact, you can view the contacts on the smartphone.
Here is a video walkthrough from 9to5MAC of the passcode bypass if you want to check it out:
How to protect your iPhone 6S from the passcode bypass:
To protect your photos, so that anyone who tries to bypass your iPhone 6S cannot access them, what you need to do is, disable Siri access to the Photo library. To do so go to Settings -> Privacy -> Photos and from there disable the Siri Toggle. This will prevent people from accessing your photos but not your contacts.
You can disable Siri access from the lock screen. This will render the bypass method useless and your iPhone will be completely protected. To do so, go to Settings -> Touch ID & Passcode. From there you can disable the Siri toggle that reads; allows access when locked. One thing to note is that this will eliminate the ability to use Siri when the iPhone is locked.
Update: Apple has fixed Siri passcode flaw:
Apple has recently fixed the passcode bypass. Now your iPhone 6S/6S Plus is perfectly safe from the vulnerability. Apple has dealt with the flaw by implementing a fix on the server side. Now if you try to search Twitter from the lock screen, Siri will request your Lock Screen passcode. So the bypass method is now useless and cannot be implemented.