[X-Istence]

How does compromising the phone compromise the password? I turned on 2 factor auth and the only thing that would be compromised is the code generated by the 2 factor auth. My password is still secure in my head.

My password doesn't get used for anything, all my applications have a 1 app only password.

An attacker would still need my password...

[laurencei]

I think the issue is most people have email on their iphone, so you can send yourself a password reset to your phone, get your password, then use the code also generated on your phone.

Personally I have a pin on my iPhone - and I have my iPhone set to 'reset' itself if there are 10 incorrect pin attempts - so even if I lose my phone, I doubt they would get in...

[zobzu]

what do you think happens, when you type the password that's safely stored in your head, onto your phone?:P