[stirlo]

This also solves a somewhat unique problem I experienced recently with iCloud keychain where all your passwords are only as secure as your passcode (and anyone that knows it).

I had to hand my phone over to a third party repairer. This would mean they needed to know my passcode so I wanted to lock down the phone to allow them to perform whatever diagnostic steps they might need but to restrict access to the wallet and iCloud keychain.

The first part was actually quite simple using a separate screen time passcode to restrict all apps bar the camera and any that they needed. The frustrating part was that the settings app itself cannot be blocked by screentime (I guess as thats where you configure the restrictions) and as iCloud keychain passwords are accessed from settings there was no way to block access to them.

With this update I could (somewhat) safely supply my passcode while being relatively confident that my keychain passwords were not viewed.

[PlunderBunny]

I think some (all?) Android phones allow you to put the phone into 'repair mode', which allows the repairer to access critical features without unlocking the entire phone. I'd like to see a feature like that for iPhones too.

[PakG1]

What hardware repair would require handing over your passcode? If it's to test that the phone is working fine after the repair, can't you test it yourself in front of them before you pay? If they were doing software repairs, what would be the nature of the repair? Hard for me to imagine anything to repair software-wise, given how iOS is.

[stirlo]

Anything that requires turning off the phone will need a passcode once it powers on. This includes battery replacement, screen, microphone, camera, etc. Only for camera repairs is it feasible to test fully without entering a passcode. Of course you could leave the testing until you pick it up and pay but then if something is faulty you’ll have to come back later and wait longer when they might have been able to repair beforehand if they’d known.

[PakG1]

Having watched full screen replacements, button replacements, and battery replacements on my iPhone, I suppose I don't understand why one wouldn't just wait the extra 5 minutes to get the issue resolved. Repairs can get done really fast in my experience.

[r00fus]

At least the passcode section of settings can indeed be restricted by ScreenTime. I've done this as my aging parents often want change the passcode then forget their new passwords (and sometimes get paranoid).

[rollcat]

You took unnecessary risk. Wipe your device before handing it over, and restore it from a backup after the repair.

Also consider evil maid, or other kinds of backdoors (like jailbreaks).

[stirlo]

It’s a risk. But it also takes a few hours to restore from backup and there’s a bunch of things that (sensibly) don’t restore and require manual setup.

I know Apple will never ask for your passcode but in the case of a repair shop that promises 15 minute service it’s kinda necessary unless you want it to take far longer and annoy them.

Ultimately with it locked down with screentime the only personal data I had an issue with was iCloud Keychain. Honestly I don’t know why Apple lets children access the full settings anyway. It would be trivial to add a screen time restriction for all features of settings except the screentime pane.

[tzs]

I wiped mine, but then a couple of hours before my appointment for a battery replacement they called and said due to heavy snow the techs could not get, and gave me a new appointment a couple of days later.

I didn't want to fully restore the phone for just a couple of days, so just set it up with a temporary passcode and signed in to an Apple ID I normally do not use [1], so that I could use it for that couple of days without things asking me to sign in.

After the battery replacement I then wiped it and restored from a backup under my normal Apple ID.

This mostly worked, except it messed up my Longest Move Streak with my Apple Watch. I'm not sure if this was just due to the wiping the phone part, or the having the phone on a different Apple ID than the watch for a couple days, or something else.

What the Fitness app tells me about the streak now is just weird.

The streak started on 2019-05-07 and I've not missed a day since then. The battery replacement was on 2022-12-21.

When I checked the streak in Fitness on 2023-02-04 it told me that:

  My longest streak was 39 days ending 2023-02-03
  My current streak was 1368 days

Note that it is reporting a longest streak that is entirely within what it is reporting is my current streak.

17 days later, 2023-02-21, it was reporting:

  My longest streak was 41 days ending on 2023-02-20
  My current streak was 1385 days

Note that when it thinks that the longest streak started was sometime during the previous longest streak, so that makes no sense.

A few months later, 2023-09-23, it was:

  My longest streak was 37 days ending on 2023-09-23
  My current streak was 1600 days

I hadn't checked between that last and now. Checking now, on 2024-01-22, I get:

  My longest streak was 1710 days ending on 2024-01-11
  My current streak is 1720 days

That's better in that now it thinks the longest streak and current streak started at the same time, which is correct. But it still has the longest streak in the interior of the current streak which should not be possible.

[1] I've got two Apple IDs because originally you couldn't use the same account for iTunes and their cloud service, and so everyone who wanted to use both had to have two accounts. Later they made it so one account could use both.