SECURITY By Peter Deegan Having your smartphone or tablet stolen is a traumatic event, but there are things you can do beforehand to make loss and rep
[See the full post at: What to do before your phone is stolen]
![]() |
There are isolated problems with current patches, but they are well-known and documented on this site. |
SIGN IN | Not a member? | REGISTER | PLUS MEMBERSHIP |
-
What to do before your phone is stolen
Home » Forums » Newsletter and Homepage topics » What to do before your phone is stolen
- This topic has 16 replies, 10 voices, and was last updated 2 months, 2 weeks ago.
AuthorTopicPeter Deegan
AskWoody PlusViewing 6 reply threadsAuthorReplies-
Michael432
AskWoody_MVPGreat article. Everyone should plan for the loss/theft of their smartphone.
Get up to speed on router security at RouterSecurity.org and Defensive Computing at DefensiveComputingChecklist.com
2 users thanked author for this post.
-
LoneWolf
AskWoody PlusI had to do this myself six weeks ago. Having a password vault with all of my passwords, a full iCloud backup, and a helpful (and sympathetic) Apple Store employee really helped me get back on track when my iPhone was stolen. I also had FindMy enabled and was able to set a Lost Message and a command to lock and wipe the old phone.
As mentioned, I’d not 2FA app and anything to do with it are securely backed up in a way that can be easily restored. Just having passwords isn’t enough if all of them (as they should be whenever possible) are linked to two-factor codes you can’t get access too. Most of mine were, but not all; fortunately, I had easy access to help to get the ones I didn’t have reset. I am now periodically testing my ability to recover my 2FA in the event something goes awry.
We are SysAdmins.
We walk in the wiring closets no others will enter.
We stand on the bridge, and no malware may pass.
We engage in support, we do not retreat.
We live for the LAN.
We die for the LAN.1 user thanked author for this post.
-
bbearren
AskWoody MVPI have a Samsung. At home, awake, my phone is on my desk. When I’m sleeping, it’s charging on my nightstand. Any other time it’s in my back pocket unless I’m making a call. I’ve been using cell phones for ~25 years, and have never lost one.
It’s kinda like my truck keys; they are either in the ignition while I’m driving, or in my right front pocket. I’ve been driving over 63 years and have never lost a set of car keys. My house keys are separate from my ignition keys, and are either in my hand unlocking the door, or in my left front pocket. I’ve never lost a set of house keys.
There’s no setup involved, other than forming the habits.
Always create a fresh drive image before making system changes/Windows updates; you may need to start over!We were all once "Average Users". We all have our own reasons for doing the things that we do to our systems, we don't need anyone's approval, and we don't all have to do the same things. -
Ascaris
AskWoody MVPThere’s nothing to protect on my phone. I’d call the cellular provider and have the SIM cancelled, and a new one sent. That should about cover it.
There is not much point in trying to lock the phone, as it is neither an Android (proper) nor iOS device, and I don’t know of anything that would do that without the thing being logged in to an Apple or Google account. There is no such account on my phone. But even if it was locked, the thief, or more likely the ultimate buyer of the stolen device, could just wipe the internal storage and put on a new OS and bootloader, much in the same way that I did when I got rid of Android proper. My data would be gone, but there’s nothing really interesting to a thief anyway.
I don’t need a spare smartphone in case this happens. I have a “dumb” flip phone I can use with the new SIM, once the cellular provider sent it. I would be using that in place of the smartphone if it had the mobile hotspot feature. My data plan exists to be used by tethered devices like my laptop (primarily my XPS, as it is the one that comes with me when I am out and about). Otherwise, a phone is (a) an actual phone, mainly to be used in case of car trouble or that kind of thing, and (b) an alarm clock. Any phone can fulfill these roles.
If I were ever to have my phone stolen, I have plenty of time to research and decide what (if any) replacement phone I might want. My existing one is a $130 model (network unlocked, bought outright, not from the carrier) and it is at the absolute maximum size I am willing to tolerate… and it is discontinued in favor of bigger ones. I’d love one the size of the original iPhone, but it has to be iOS and Android free (or be able to be made so), and ideally still receiving regular updates.
Barring that, I would probably go for a flip phone that does have the wifi hotspot. I actually thought my current flippy had that when I bought it, but it doesn’t. I can tether it with USB, but that means I would have to carry a USB cable in addition to the phone and laptop.
Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
XPG Xenia 15, i7-9750H/16GB & GTX1660ti, KDE Neon -
teuhasn2
AskWoody PlusJust today I got an email newsletter from Malwarebytes discussing a growing trend where two or three people working together in a setting like a bar will watch or even record a victim entering a phone’s passcode–on an iPhone, the passcode is the 6-digit code you use when Face ID/Touch ID isn’t set up, or isn’t working (e.g. because it’s too dark/your hands are wet). Then they will distract a victim to pick the loose phone off the bar if left there, or pick the victim’s pocket, or drug or assault a victim to get the iPhone.
Once bad guys have both the iPhone and the passcode, they can edit the passcode to a new one and even, according to the Wall St Journal article Malwarebytes was citing, lock a user out of their own Apple account, and then quickly exploit financial apps on the device to siphon money. This is not just a theoretical threat; it’s actually been happening.
So it’s probably best to be very careful about using a phone in a public setting, and especially unlocking it with a passcode. Also Malwarebytes cautions that it’s best not to keep photos of critical documents like passports and drivers licenses on a phone, because these guys search a stolen phone for that too. Instead, if you have to have these on your phone, it’s best to keep the document copies in a password manager that is locked with a different and more complex key than a phone passcode.
-
oldfry
AskWoody PlusHere is a chilling video on the passcode “vulnerability” described above, whereby, you loose everything.
This link may be protected by a paywall, but worth a try.
How many secrets, including 2FA/MFA responses, you want tied to a high theft mobile device is an interesting question.
Windows 10 22H2 desktops & laptops on Dell, HP, ASUS; No servers, no domain.
-
Peter Deegan
AskWoody PlusThanks for that … it’s an argument in favor of FaceID and part of the reason why FaceID is not used before allowing access to some security functions, like changing the passcode.
It’s also a reason to reduce the wait time before the screen is locked — something I mention in the article.
Such operations to get the passcode/pattern do happen but my understanding from unofficial law enforcement sources is those types of sophisticated ‘snares’ are relatively rare. Most ‘petty’ thefts of phones/purses/wallets are by solo thieves not gangs operating together – those solo ‘entrepreneurs’ then sell to organized gangs (which is probably why my phone ended up in Romania).
You can still lock out a smartphone, even if the passcode is changed . But you have to be fast, which is why I urge people to familiarize themselves with the Find My Phone (or similar) site and features. If your phone is stolen or lost, it’s a simple, fast and already known process to get in and lock out the smartphone.
What my article is trying to avoid is the all-too-common exchange like this:
“ My phone’s been stolen, what can I do”
” First thing is remotely lock the phone so no one else can use it”
” How do I do that?”
“Go to the Find my phone site and login with your (Apple) ID”
“What’s an Apple ID?”
<pause for long sigh>
Peter Deegan
-
ibe98765
AskWoody PlusToo many people ar eused to leaving their phone sitting on a desk/table in front of them so they can see as msgs come across. This is one reason why many manufacturers have replaced the read FP sensor with the in-display FP sensor on the front – that way you don’t even have to lift the phone to unlock. Just press your finger on the face of the phone sitting there.
IMO, this leads to people being sloppy and not paying full attention to the situation around them as their phone sits on the bar/table in a commercial environment.
Making things too easy often leads to unintended consequences.
-
Peter Deegan
AskWoody Plus -
Ascaris
AskWoody MVPWhen I do use my phone when out and about, when my laptop is also along for the ride, the only time the phone comes out of the pocket is to turn on the wifi hotspot tether (or if I have to make a call). Once turned on, the wifi tether works quite well from the relative safety of the pocket. If I have my laptop, and it has internet connectivity (which it does, at that point), I can just use the laptop for everything and have only one thing to worry about.
I have never had a cell phone stolen in the ~19 years I have had one, but I did have a laptop stolen by some people (strangers) I tried to help in the early 2000s (by stealth and misdirection). No good deed goes unpunished, I guess… and I am much more wary now, viewing anyone asking for help first as a potential grifter and only secondarily as someone who may be what they appear. I don’t like it, but I do not intend to be so easily stolen from again.
When I am out with my laptop now, I am just as wary. I grip it firmly at all times, never setting it down, and and I have a pretty powerful grip, so a snatch and run hopefully won’t succeed. I am a large and imposing individual, so I would not be the first choice to steal from in that manner, but you never know.
When using the laptop, I don’t just let it sit on a table in front of me or in my lap… when I am not typing with my hands overlaying the keyboard, I use my left hand to grab it (on the body portion) near the hinge. If I have to get up even a few feet from it, I will close the lid and pick it up rather than leave it, even though it would never leave my sight.
I never leave it in the car unattended, even though I could easily hide it . I have never had the car broken into, but if someone knew I had it and somehow recognized my car, they may decide to do so.
I’ve thus far prevented any more thefts. If one does take place, all sensitive data is in an encrypted LUKS volume, protected with a very long and annoying to type in passphrase. It’s all backed up locally, as I was a backup fanatic when that laptop was stolen, and I have not become less of one after that.
In your case (addressing @peterdeegan), you had a laptop and a phone, and the thief took the phone. Was the laptop less of a convenient target, or did the thief actively choose the phone when he had equal access to both?
I wonder if laptops may be a little safer these days for lack of interest on the part of the thieves. Right now my go-to laptop is a high-endish Dell XPS 13, which would be a nice target for a knowledgeable thief, if the value of the laptop itself is a consideration. I am not sure what the breakdown is between thieves who steal for the hardware itself and those who just want a person’s data for identity theft or similar types of fraud.
Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
XPG Xenia 15, i7-9750H/16GB & GTX1660ti, KDE Neon
-
-
-
ibe98765
AskWoody Plus-
b
ManagerLuckily, iOS employs time delays where the device locks itself after too many failed passcode attempts.
For example, if you make 5 failed attempts, your iPhone will lock for 1 minute, 6 attempts will lock it for 5 minutes, 7 will lock it for 15, and anything more than that will lock it for 1 hour.
How to Erase Your iOS Device After Too Many Failed Passcode Attempts
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
1 user thanked author for this post.
-
Alex5723
AskWoody Plus -
b
ManagerUnless preset as in the next section, which is the main topic of that article:
There is another option: you can completely wipe your iPhone or iPad after 10 failed attempts. (Make sure you keep backups if you enable this, though.)
This option is off by default. To turn it on, first open the Settings and then tap “Touch ID & Passcode”.
You will need to enter your passcode to access these settings.
Scroll to the bottom of the Touch ID & Passcode settings and tap on “Erase Data” to enable the self-destruct feature.
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
1 user thanked author for this post.
-
Peter Deegan
AskWoody Plus
-
-
LoneWolf
AskWoody PlusI have a Samsung. At home, awake, my phone is on my desk. When I’m sleeping, it’s charging on my nightstand. Any other time it’s in my back pocket unless I’m making a call. I’ve been using cell phones for ~25 years, and have never lost one.
It’s kinda like my truck keys; they are either in the ignition while I’m driving, or in my right front pocket. I’ve been driving over 63 years and have never lost a set of car keys. My house keys are separate from my ignition keys, and are either in my hand unlocking the door, or in my left front pocket. I’ve never lost a set of house keys.
There’s no setup involved, other than forming the habits.
That’s a great thing, until someone mugs you, or the unexpected happens that you can’t control.
In my case, I was standing in the way (being a larger human) of someone smaller than me to prevent them from suffering injury at the hands of someone at least as large as me. When pushed, I fell. My phone fell out of my pocket, and before I could get to it, someone else on the same street scooped it up and ran.
Not everything in life is predictable. I’m glad that apparently you have never suffered something unpredictable. However, should you, none of your habits will save you, unless one of them includes a documented backup and restore procedure for your phone’s data, and any account names/numbers, passwords, secret questions, and so on.
I have had cell phones since 1998 (my first Motorola StarTAC!) Up until this year, I have never had a problem. I’ve never damaged one, I’ve never lost one, be it Nextel, Palm, Blackberry, Android, or iPhone (had them all). And then I had an event that was completely out of my hands, and the first thing happened. So that’s 25 years for me; right up until the end of January. Ensuring everything is backed up, regardless of good habits is still useful.
We are SysAdmins.
We walk in the wiring closets no others will enter.
We stand on the bridge, and no malware may pass.
We engage in support, we do not retreat.
We live for the LAN.
We die for the LAN.Viewing 6 reply threads -

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Search Newsletters
Search Forums
View the Forum
Search for Topics
Recent Topics
-
Firefox users on Windows 7, 8 and 8.1 moving to Extended Support Release
by
Alex5723
1 hour, 52 minutes ago -
How to change “User Account Control:Run as administrator”
by
DKThompson
9 minutes ago -
Two monitors, want different “fixed” wallpaper on each one
by
MauryS
6 hours, 43 minutes ago -
Microsoft forcing move to Microsoft account?
by
Tom
4 hours, 38 minutes ago -
Event 2545 Device Management – Enterprise – Diagnostics – Provider
by
Tex265
8 hours, 2 minutes ago -
QBot malware exploits Windows WordPad EXE to take over
by
Alex5723
1 day, 3 hours ago -
Laptop powers off during KB5026361 update
by
dhunter
1 day, 3 hours ago -
How to enable Sleep in Shut down menu?
by
Alex5723
1 day, 4 hours ago -
Beware of Google’s .ZIP domain and password-embedded URLs
by
B. Livingston
1 minute ago -
Longstanding feature requests, and their status
by
Mary Branscombe
1 day, 12 hours ago -
Three typing tutors — no more “hunt and peck”
by
Deanna McElveen
1 day, 12 hours ago -
Is online banking secure?
by
Susan Bradley
32 minutes ago -
Bluetooth audio not working on older Lenovo T420 with Win 10
by
WSmsc0357
18 hours, 22 minutes ago -
Using wildcards in search and replace
by
Bob Karrow
1 day, 21 hours ago -
How is Windows XP an security risk?
by
Curious
8 hours, 23 minutes ago -
Is using VPN a good idea?
by
Tex265
1 day, 18 hours ago -
How to prevent/disable Bitlocker Automatic Device Encryption?
by
EricB
2 days, 5 hours ago -
Unexplained aspects of installing the latest update of Office 2021
by
TonyC
2 days, 5 hours ago -
Getting started with macOS Disk Utility: RAID, images, and repairs
by
Alex5723
2 days, 14 hours ago -
Getting started with macOS Disk Utility: Resizing, snapshots, and journaling
by
Alex5723
2 days, 14 hours ago -
Are you ready for AI?
by
Susan Bradley
2 hours, 43 minutes ago -
Windows 11 Insider Preview build 25375 released to Canary
by
joep517
2 days, 17 hours ago -
Windows 11 Insider Preview Build 22621.1825 and 22624.1825 released to BETA
by
joep517
2 days, 17 hours ago -
Duplicate image name brings up old images
by
Susan Bradley
3 days, 22 hours ago -
XP offline activation tool, xp_activate32.exe
by
Alex5723
1 day, 11 hours ago -
Huge Tesla leak reveals thousands of safety concerns, privacy problems
by
Alex5723
2 days ago -
Android : iRecorder – Screen Recorder new Android RAT
by
Alex5723
4 days, 3 hours ago -
HP has found an exciting new way to DRM your printer!
by
Alex5723
4 days, 3 hours ago -
Outlook 2019 Resend “you do not appear to be the original sender…” msg
by
Mw Ward
4 days, 14 hours ago -
Wine update?
by
bassmanzam
3 days, 17 hours ago
Recent blog posts
- Beware of Google’s .ZIP domain and password-embedded URLs
- Longstanding feature requests, and their status
- Three typing tutors — no more “hunt and peck”
- Is online banking secure?
- Are you ready for AI?
- MS-DEFCON 4: Skip those Secure Boot scripts
- Getting started with winget
- No NumLock key? Problem solved! Here’s the fix.
Key Links
Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.
Mastodon profile for DefConPatch
Mastodon profile for AskWoody
Home • About • FAQ • Posts & Privacy • Forums • My Account
Register • Free Newsletter • Plus Membership • Gift Certificates • MS-DEFCON Alerts
Copyright ©2004-2023 by AskWoody Tech LLC. All Rights Reserved.