Security risks of disabling "Find my iPhone"?

I need to disable Find My iPhone function for the period of repair at Apple's authorized repair partner (which will last several days).

Can it impose any security risks to the on-device data and/or the accounts I logged into with the device?


I am not asked to disclose iOS passcode; I will disable FaceID unlock; all lockscreen features (entire Settings > FaceID > Allow Access when Locked section).

What else should I consider configuring? What risks can still remain?


Find My iPhone Activation Lock was introduced in iOS 7 as a way of preventing stolen devices from being reused by later purchasers. But as far as security risks, Apple (let alone anyone else) cannot re-install the iOS operating system with the Find My iPhone Activation Lock enabled. Also even after that, it has to be "Activated". This involves a secure connection to Apple servers to be established which allows Apple to determine the physical device identity, and to see if that device is associated with a certain Apple ID (and such association is applied by enabling Find My iPhone) or not.

If Apple has to replace your device with a different one, it makes good sense to disable Find My iPhone before taking the device from you. This allows them to recycle the device (especially the mainboard) if they replace your device. Also, it allows them to provide that new replacement a similar serial number compared to your current device without Find My iPhone preventing them from inactivating your device from their system. With Find My iPhone enabled your device becomes blocked on the Apple servers and the repair chain that it becomes a part of gets broke. With Find My iPhone off it allows the new device (the replacement) to re-enroll for activation under any account.

As for your data, erasing the iPhone can fix that. If your Apple Account is using two-factor authentification, you should have a list of trusted numbers and trusted devices. As long as you have access to all of those devices and that number, not even Apple or law enforcement can gain access to your account.

Even if they erase your iPhone the system won't allow the device to be used by Apple or another user with the Find My iPhone activation lock enabled. Without the original owner's login details it becomes an expensive brick.

This is why stealing someone's device isn't worth the trouble because unless you know the account login, you can never use the device.

Hope this answers your questions.


The security risk you endure is that you won't be able to trace the device location, and use the functionality in Find My iPhone for erasing the device, adding a message and giving off sound.

In addition it is possible for others to format the device and start using it with a different Apple-ID. However this is not a risk to the confidentiality your data or your accounts - they would need to do a factory reset (i.e. delete everything from the phone) before doing this.

I would advise backing up the unit before handing it over for repairs at the very least. If you want absolute safety, make sure that your phone is completely emptied before sending it. You do that from Settings > General > Reset > Erase all content and settings.

Assuming that you trust the repair partner to not steal your iPhone, I would say that the only real risk associated here is what happens if someone breaks in and steals your iPhone from the repair partner's premises. In this case your data is not anymore at risk than it was before, but because you have disabled Find My iPhone - you cannot track your phone, and it can be repurposed for a different user.