If you have an iPhone or iPad, chances are you’ve played around with the Siri virtual assistant. You’ve probably asked it all sorts of important questions such as, “What’s the meaning of life?” or “Tell me a joke.” But, Siri could be giving up your secrets because of a security hole that’s easy to fix.
Potential Security Gap
Apple prefers quick access over device security for Siri, which is why the iOS default settings allow it to bypass the passcode lock. However, allowing Siri to bypass the passcode lock could allow a thief or hacker to make phone calls, send texts, send emails, and access other personal information without having to enter the security code first.
A balance must always be struck between security and usability. Users and software developers need to choose how much perceived security feature-related inconvenience they’re willing to endure to keep their devices safe versus how quickly and easily they want to be able to use them.
How to Tighten Siri Security
To block Siri from bypassing the passcode lock:
- Tap Settings.
- Tap Face ID & Passcode. Or, tap Touch ID & Passcode on devices that do not support Face ID.
- Enter your passcode.
- Ensure that the passcode lock option is turned on.
- Set Require Passcode to immediately.
- In the Allow Access When Locked section, turn off the Siri toggle switch.
- Close the Settings.
Practical Considerations
Whether you prefer instant access to Siri without having to look at the screen to enter a passcode is completely up to you. While you’re in the car, for example, driving safely is more important than data security. So if you use your iPhone in hands-free mode, keep the default option, allowing the Siri passcode bypass.
Tap Settings.
Tap Face ID & Passcode. Or, tap Touch ID & Passcode on devices that do not support Face ID.
Enter your passcode.
Ensure that the passcode lock option is turned on.
Set Require Passcode to immediately.
In the Allow Access When Locked section, turn off the Siri toggle switch.
Close the Settings.
As the Siri feature becomes further advanced and the amount of data sources it taps into increases, the data security risk for the screen lock bypass may also increase. For example, if developers tie Siri into their apps in the future, it could provide a hacker with financial information if a banking app is running and logged in using cached credentials and a hacker asks Siri the right questions.
Apple continues to monitor security concerns about Siri and has prevented some functions from being performed while a phone is locked. One example is if you have a HomeKit (Siri-enabled) door lock, someone can’t ask Siri to unlock your door if the phone’s lock screen is active.
Get the Latest Tech News Delivered Every Day