It would have been helpful to explain that instead of leaving everyone guessing. Being able to unlock the phone is one of if not the most important detail here.
Are you sure? Want to re-read it one more time? The phone was _stolen_ at gun point, not unlocked. It looks like the password was later phished when author's brother clicked the fake Apple support link. So at that point they had access to both the password and the phone. But I am guessing, it's not clear how/what they did.
I’m not sure, it’s just the most logical and simple explanation.
To add some context, Argentina has a history of robbers asking people to do complex tasks at gun point, like withdrawing money, and other things during “secuestro express”.
Lots of people keep talking about password codes, etc. You should be able to hand over your phone to an attacker and walk away knowing you and your data is safe.
At least don't use biometrics, they will cut off your thumb AND steal your iphone.