An iPhone user recently discovered a trick that allows people to bypass the devices passcode and gain access to Contacts and Photos apps. If you use an alphanumeric rather than a four-digit passcode, you probably have nothing to worry about.
The exploit itself has quite a few steps:
- You first enter the wrong PIN four times.
- On the fifth attempt you enter three numbers and bring Siri up by holding the home button.
- You ask for the time once Siri is up, click on the World Clock tab, and add a new clock.
- After entering a few letters, select them to share in a text message. You then have access to iOS’s Contacts app, which also grants access to photos.
Although it is a few steps to take, it can be done. However, even though you have access to contacts and photos, there’s not much else you can do as the phone is still technically locked.
If this is a concern, you can weaken this exploit by disabling Siri on your lock screen.