A Potentially Major Security Issue

I understand what you're driving at, but if touch/face ID fails a few times, then the user can still just enter the passcode if they know it. Thus, restarting the phone isn't necessary. Erasing the phone only occurs if the passcode is entered incorrectly X number of times. It does not apply to face ID/touch ID in the same way.
Hope this clears things up.

First of all, I see where you're going with your point. It's interesting if not a realistic threat, and I'll attempt to explain here.
The data of your face/touch ID is stored in a secure unit in the Apple chip. So yes, they're more secure.
Find my:
Remember that turning on the iPhone will make it easier to track with find my. You could of course remove the SIM card, so as to break that internet connection, remember though that even erasing the iPhone won't fix or change the passcode situation. Yes, you could know the code or enter it wrong, but iCloud lock would then kick in.
Losing your phone.
Also, it’s advisable to erase an iPhone as soon as you can should you lose it. The person who gets hold of it therefore may be able to access your data such as messages, but remember as long as you don't store the password in the notes app or anywhere else, the power of erasing your phone would be with you.

Also, consider not using simple passcodes if this is of concern to you.
Again, say your password is 182838 you could change to a word such as testword. Its harder to guess, more secure, and the best way to keep your devices safe.

I see where you are coming from but this isn't that likely to happen, for one. For another, there are methods you can take to minimize this. Long passwords are one option. Another one is that even if your phone gets stolen and turned off and the chip gets removed, when you erase your phone from another device as soon as it turns on again and connects to a wifi network, it'll erase. Also, there is one avenue you can take to prevent the removing of the sim card and thus losing connection with find my... use a esim. And also enable the option to erase your data after 10 failed passcode attempts if your that worried of something like this occuring. This can happen yeah, but it is quite unlikely, and in the event it where to happen, there are steps you can take to minimize risks like the ones you mentioned.

While things like face ID and touch ID are suppose to add an extra layer of protection, they also cant be impermeable. What happens if your face is in bandages. I where a cpap mask, and the phone isn't able to recognize my face through it. The iphone can't force you to use face ID, you can use it whenever you like, so can everyone else who knows the password. So unique passwords are the answer here.

The way I see it, Touch ID and Face ID should be regarded primarily as conveniences rather than security features, as there's nothing they can access that a passcode can't. As biometric authentication can fail, such as with a moist finger or altered facial appearance, the passcode can always be used as a backup. Therefore, your best defense against someone guessing your passcode and consequently gaining access to your phone and Apple ID is to use a strong password and set the iPhone to erase data after ten failed entry attempts.

In public, biometric authentication paired with Screen Curtain may offer a security benefit, as potential shoulder surfers won't see you enter a credential that they could also use if they got physical access to your phone.

One feature that I have turned off in iOS 17 is that your phone can remember your previous password for a period of I think 72 hours after you change it unless you turn that setting off. Theoretically, it is supposed to be in case you forget your new password but remember your old one. However, I have disabled it as I see it as a slight security vulnlerability.

But the reverse where I you NOT want the phone to be unlocked with my face is a scenario where you're under duress. You can instantly disable FaceID and TouchID by holding the volume up and sleep buttons together.

I have my phone set to erase itself after 10 failed passcode attempts. Unless they watched me enter my passcode they're not getting in.

If your that paranoid then don't own a smart phone. It is that simple. What you are saying will not happen most likely.

If such a single scenario exists, they created lockdown mode. Journalists, musicians, celebs, all can put their phones in such a state, rendering their information securely stored. However, they then say to Joe Idiot, here is how to enable this, if you want it safe. He does so, then grabs an AR15, shoots a ton of people, blows himself up to avoid tax payers draining for however long the moron stays alive. Cops try to access said phone, can't. apple shrugs. "Well he's got a right to privacy." Does he? Families get no closure, no justice, because apple's backbone is nonexistent? seems fair, right? Yes, lockdown should be used in high profile situations, such as musicians and journalists. Joe Q hacker, doesn't need it.

First off I am not sarcastic and the fact you took it. That way is quite interesting. Second you keep coming up with these wild scenarios, so what would you have somebody do? Of course they’re also is the fact that somebody can just Google lockdown mode and go from there so what point do you actually have? I was in fact being serious look at this California killer, who killed a bunch of people in Apple wouldn’t cooperate opening the iPhone. Maybe your common sense pill didn’t kick in yet? :-)

The passcode is the ultimate backstop for securing your device. We actually get some benefit from screen curtain in this case, because it’s harder to decipher the passcode visually. I’m not sure how you could tighten this up any further though short of some sort of two factor authentication with another independent device, and most users won’t tolerate that every time they want to unlock.

The only thing I could think of is if somebody actually watched how your fingers move around the keys because obviously it’s a telephone set up yet. That’s why Apple sometimes has the numbers going straight across or the telephone style set up. Again, harder to differentiate.

These are things that have been mentioned on the internet since touch ID first was announced way back when. Hopefully people who are spending boatloads of money on a phone like this will look into ways to keep it secure. You can only do what you can do to protect your devices, and while I admit that the scenarios you have come up with are possible, the sighted folks face the exact same issues/risks. Also, Voiceover may be a deterrent for many people as your average person will have no clue how to operate a phone while Voiceover is running.

Not only will 90% of people wouldn't have the slitest clue how to use a phone with voiceover enabled, but there's also the secondary problem, depending on the user... if screen curtain is enabled. That would complicate things even more.
As far as the shooter scenario. Ok. Want to go into extremes?
No, apple isn't obliged to open, unlock the phone of the shooter, because, yes privacy, and think about this. If apple said yeah sure, we'll open the phone... this would be a major trust ishue, people wouldn't be able to trust apple because they got into a phone, when they say they're about privacy. Furthermore, what's to stop say, corrupt authorities from grabbing your phone, and make up bullshit evidence, then passing said evidence to a corrupt judge or court in their pocket, you get convicted, and then they say, oh access this user's data, despite it all being fake?
Now back to reality. This scenario wouldn't happen in the first place, but if you wanted to go that far with your arguments... Look, the scenarios you described are technically possible, but their really unlikely to happen, we would be talking not even a point 1% chance, we're talking a point 00 something chance. Its not something you should worry yourself about. ,

We can "What if?" all we want. The problem is the OP flips out, what if, this? that? happens? Now Without giving a concrete answer, knowledge of how to overcome, anything except, flip out the Net with whatever H/she as they kindly have written plan to do about anything. My family member was a cop, so I respect and accept how your point is coming across. There are "bad apples" out there. However we can wish for whatever we want, in the end, someone, anyone, will take advantage of anything. So how, OP do you convince someone, anyone to be worried? You can not. So go on sir/mam/ or however you wish to be addressed.

Would be federal law enforcement. 'Nuff said. 🙁

Also "bad apples"?

I see what you did there.... 🤡

Let's break this one down simply.
1. Your device security is your responsibility. Why yes these people do exist, it’s your basic duty to make sure that you do everything in your power to keep your device secure.
2. Completely unlikely-
If you're using voiceover and screen curtain, you should be secure, now if you want to go booming out your passcode through your speakers, again that's on you.
3. People you know
Let's just be honest here, friends or anyone you know having your passcode because you told them then something happened to your iPhone would be your fault. You should only tell people you really trust your passcode, and even then, I don't really recommend sharing it out if it bothers you this much that something could happen to be honest.
So there, the short of it is that hackers and people exist, your situation has about a 1% chance of ever actually becoming a real concern, and you hold the keys to your security.
That's honestly all there is to say on this one for me

If your not a fan of screen curtain, you could type in your password using braille screen input Given there is no speech when typing in password fields, and that the only things displayed when typing your passcode are I believe bullets or stars on the screen if you had screen curtain turned off, that would avoid the potetcial ishue of people identifying what your typing by looking where you place your finger on the screen, as... I'd say more than 90% of people in general don't know anything about braille in the first place.

Handwriting rotor function is wonderful for typing in Passwords/PINs. Like with BSI, the only thing others will hear are clicks as each character is entered.

@Oliver,

One of my CompSci professor's was a former Department of Defense employee. Without going into too much context, he once claimed, during a lecture, that the most secure computer he ever heard of was one that was :
1. Smashed to bits.
2. Buried about a mile underground.
3. With no possible way of obtaining any part of the device.

I kind of have to agree... 🤔

I'm in agreement with Oliver here. Sounds to me like you will less than satisfied with anything other than a device which has eithe rbeen smashed beyond repair, barried under tons of earth, held at a location inaccessible to all of mankind, Etc. Utterly ridiculous, IMHO. But hey, what do I know? I'm an iPhone user myself, so I must be able to afford the best security ever. Right? Right?

Ok, hold on. How is bbeing able to verify face ID, touch ID, at start up, a vulnerability? Its not. Think about it. Having face ID, touch ID unlock the phone after power on / restart etc, would be, in fact, a huge vulnerability issue, because there is absolutely nothing stopping someone from say, holding the phone up to your face after a restart, power on, etc. That, plus how would being able to verify yourself via face ID, touch ID, would help, or make things more secure? I mean, as long as you have a strong passcode... mine is more than 13 digits; you'll be ore than fine and no, the passcode isn't in any way related to any information about me such as dates, names; etc. Now, if you have a weak / easily guessed passcode... Yeah I can see why'd you bring up the, face ID, touch ID to verify your identity but, hey its the end user's fault if they set a weak passcode.

@Enes, how do you know that almost no people use a passcode? Are you actively doing research on this topic? From what source does your data come? How recent is this data? How large of a sample set are you working with? I would love to see some sort of proof for your remarks. Also, to my knowledge, Apple *is* doing all they can to make their devices secure for even those users who aren't tech experts. If they don't, it's not for you to worry about. That would be something they would have to fix, not you. Good day.

@ Joseph, there are a lot of variables. People who don't use a passcode is only one variable. Then there are people who use 4 digit passcodes, and that's not to mention the subgroup who, for-example, use something personal and easily guessed, I.e, birthday, an important date, etc. Then there is the people who use a 6 digit passcode... and the same subgroup as the above. The list goes on, but it’s not just one subgroup of people not using a passcode and those who do; even in these various groups there are many variables. What it really comes down to is... how secure does a user want to be? It’s not up to apple, google, microsoft, etc. They already implemented the tools, so to speak, I.e, alfanumeric passwords, etc. It is up to each user if they want to use the provided tools or not; but that's what it really boils down to in the end. Harsh as it may sound, security is the end user's responsibility, not a megga tech giant's... They fulfilled their responsibility; giving you the tools. The rest is soulley up to the user.

Thing is, having to verify your identity after restarting and putting your passcode is not really necessary. It would just be inconvenient for the end user. While I get partly the use of it; in theory, that is; its not really needed, especially if the user had a passcode that's not easily guessed, as in any ccase, if the phone gets stolen etc, no one would be able to access it in the first place. In the case you mentioned above, this isn't really necessary, as far as verifying your identity after restarting etc. Not to mention the following. There are times where you put your finger on touch ID or you use face ID and the phone fails to recognise you maybe because your fingers are wet or because you didn't position your face or finger correctly, or, since face ID is automaticaly activated, sometimes you don't even mean to unlock the phone, but the phone thinks you did, and you get a try again, prompt, when you didn't even wanted to unlock the phone in the first place. So if you where required to verify your identity after a restart etc... If the verification where to fail, as seen above... In essence, the end user would be screwed, as there would be no way of logging into the phone whatsoever if the identity verification failed, which is something you need to consider as well; potential instances where if the verification where to fail... What then. Because generarly, once you fail verification for x number of times your account gets locked, requiring you to contact the place where your account got blocked do to failing' identification more than once, so that they ccan unlock it. Given this is software, its free, but in apple's case since it is hardware... If we're continuing the way face and touch ID work, I believe you have to enter your passcode after 2, 3, failed touch,face ID attempts, so logically, if identity verification was a thing, you'd have the same number of attempts to successfully verify your identity via touch, face ID. As said above, if say, the face, touch ID verification failed 3 times... That would lead to one outcome; your phone gets blocked, locked, call it what you will, and you'd have to send it to apple or take it to a applestore or other repair center so they could unlock it and grant you access once again... which would mean spending money just to once again, have access to your device. And yeah maybe it might not be a high cost but still, and that's assuming that apple would be even able to unblock your phone in the first place... Think of it like how a fermware password works. If you forget it... Not even apple can reset it; same goes for filevault. If you forget your password, and you forget the recovery key, if your using that as a recovery method to unlock your computer... There is absolutely nothing that apple can do, even if they wanted to. See where i'm going with this? It just wouldn't work. It wouldn't be as simple as you think.

here is a great podcast that you all should listen to, this will help more perhaps.
https://podcasts.apple.com/us/podcast/darknet-diaries/id1296350485?i=1000632843847

Yes. I know what the page that link above states. Subscription and macOS 11.x required.
F**k that noise.

Instead, follow these instructions:

1. Go to https://darknetdiaries.com/episode/139/
2. Press VO + Command + 'f' (macOS) or whatever the WindowsOS alternative is, to navigate by Frames. Protip, there is only a single frame...
3. The frame is labeled "Podcast Frame". Press TAB and you should land on a button labeled as "Play".
4. You are so very welcome. 🤠

Surely your point about email verification, especially destroys the rest of them. The email is not the most secure way, so I feel using that as secondary verification you’re not guaranteeing yourself any security anyway. Again, low chances, and all that, but they can also still be attacked.

Yes, you can enter your passcode instead of using touch ID, face ID when autofilling passwords if that's what you want. In face ID and passcode, or touch ID and passcode, under the use touch ID or face ID for, section, turn off autofill. That'll disable face, touch ID from autofilling and you'll have to enter your passcode in order to autofill passwords etc.

I still feel that Screen curtan and Braille display is still a great secure way. There not gonna sit around to learn Braille just to hack someone else's iPhone, are they?

Seriously, I love the site, but why, have, know, one, created, an, AppleVis iOS/iPad/Mac OS app for this site yet? Just asking.