There’s more than one way to lose your phone
By Dorothy Wilson “The Marion Mom”
I’ve always said if I lost my iPhone, my world would crumble. Little did I know the rankling verisimilitude of the statement.
Last week, I handed my iPhone to my daughter so she could post a picture to her Instagram account.
As she fiddled with it, she suddenly gasped and exclaimed, “Huh? Mom! It says, ‘This phone is locked. $40 to unlock. Send on e-mail to email@example.com.’” Like all experienced mothers, I responded in exasperation, “What did you do?”
Well, it wasn’t something she did. It was something mean people did.
I was ransom-hacked. It felt like password purgatory.
If that wasn’t enough, they didn’t even have the decency to use proper grammar in their ransom note. It’s like fingernails on a chalkboard, people.
The screen was locked, allowing only emergency calls and passcode input. I tried my passcode twice, but to no avail. (I stopped after two, because Apple has designed these confounded devices to permanently lock out after six attempts, to prevent maleficence.) This, unfortunately, occurred on the road home from kids’ camp and at the end of a fabulous week of couples’ hiking near Greers Ferry Lake.
This means two things: a) I needed my GPS on my phone, and b) I couldn’t access my photos, including the sentimental “First time at camp” photos for the twins.
I also discovered later the importance of my access to my contacts and calendar as well. Appointments, parties, reminders, bill payments- all hidden behind the impregnable fortress of the passcode.
It was my own fault, really. I have always heard the advice to never use the same e-mail address and password across several websites, but come on, let’s be real: my aging brain can only assimilate so many passwords.
Additionally, due to the excessive number of security breeches, websites are requiring more difficult passwords. They might as well demand a skin scraping and a drop of blood!
It’s too much.
So I use the same e-mail address and password for all my log-ins.
Don’t judge me. I know you’re all doing the same thing. I’m using my creative space this month to tell you to stop it!
The swindlers accessed my iCloud account using my recycled e-mail/password combination from a less secure site.
From iCloud, they activated Find My iPhone to lock my phone remotely with a passcode of their choosing and shoot me a little message.
For example: “I’m holding all your vacation photos for ransom. Send me $40 and I’ll give you the passcode… Promise.”
Yeah, I’m not trusting a thief with my credit card number.
When I called Apple to break the bad news to them, I honestly expected that they would just reset my account and retrieve the use of my phone.
Well, if there’s one thing you can count on in this world, it’s that nothing ever goes the way you expect.
Unfortunately, I failed the security questions. When asked, “In which city did your parents meet?”
I unfalteringly answered Marion.
But five years ago, when I opened my Apple account, I suppose I could have answered “Marion, Ark.” or “Marion, AR” or worse, given a verbal answer to an associate who, much to our chagrin, typed “Marian” or “Marian, AK.” (No such place. I Googled it.) The other two questions were equally ambiguous.
Your first car: make and model? Just the make? Just the model? Color and year? Your favorite job: Not applicable? Or maybe “writer” or “author” even though that’s more of a hobby? “Homemaker, home, mother, parenting, homeschool teacher, stayat- home mom”?
My ambiguous answers made it disastrously impossible for me to convince Apple to reset my password.
So, in short, it was easier for scoundrels to access my account than for me.
“I have my social security number,” I said.
“We don’t have access to that,” responded the supervisor, Danielle.
“I have the other phone numbers on the account and their social security numbers, too,” I begged.
“Sorry,” she pressed. “I can only verify through security questions and the credit card on the account.” I felt comfortable enough telling Apple the last four digits of the credit card, and she finally believed I was the selfsame Dorothy Wilson as named on the account.
Danielle then sent me an email with a link to reset my password, disabling my account until further notice. The catch is, due to another security policy, the e-mail wouldn’t be sent for 24 hours. Twenty-four hours to the second later, I accessed that email, clicked the link to change my password, logged on to Find My iPhone, and repealed it’s lost status, with a little victory dance.
“Sentimental photos, here I come!” I thought, with visions of scrapbooking dancing across my brain.
Not. So. Fast.
The passcode couldn’t be repealed. Or changed. Or revealed. Even by the Apple supervisors. Even with an FBI subpoena. Even if the fate of the apocalyptic world depended on it. In response to my devastatingly crestfallen visage, my husband actually suggested sending the $40 to the thieves.
But I still didn’t cave.
It took me four days to accept the loss. During that time, I loved being disconnected. I loved being inaccessible by text or phone. I loved interacting with my kids without Instagram or Facebook niggling the back of my mind.
But the draw of the convenience that technology has created for me eventually resigned me to acceptance of the inevitable.
I erased my phone and started over from my last restore point in February. Now, I can text while on a call while writing this article while paying bills while updating my calendar while checking Instagram while Craigslisting while e-mailing while reading a recipe while listening to a book while watching YouTube compilations of PokemonGo fails.
This, friends, makes me happy.
Or perhaps, my next phone “upgrade” will land me a flipphone like my dad’s, to reconnect me to life, people, love, and peace.
Or at least keep me out of password purgatory.
Until you make that decision as well, here are some things that, in hindsight, any one of which would have prevented this traumatic string of events: 1.
Set up two-step verification whenever it’s offered.
2. Set your own passcode, but for the love of God, don’t forget it!
3. Do not re-use usernames and passwords.
4. Back up your phone regularly, either via hardwire to your computer or the magic of The Cloud.
Dorothy Wilson lives in Marion with her husband Chris as they enjoy all the adventures their seven children provide. Her column’s appear monthly in the Marion Ledger and reprints, like this one from the July 2017 Ledger, appear in the online edition of the Times.