Can a casual user of my iPad set it up to have remote access
If someone has access for a few minutes to one's iPad, with permission, including the login password, is there anything they could do that compromises ones's security? Should one change the login password afterwards to be sure?
It's not really meaningful to provide a blanket "yes" or "no" answer. Instead, let's look at some scenarios.
-
Unsophisticated attacker -- probably no.
- If there is a recent high-risk security problem and you have not yet installed the latest OS update, mmmmaybe.
-
Limited physical access -- probably no.
- If you let the attacker out of your sight even briefly, be a little bit concerned. If they disappeared behind a corner and you catch them connecting your device to a laptop, be very concerned.
-
Sophisticated attacker -- now it's getting interesting.
- Are you a high-profile target? If so, get professional security advice instead of googling random security-related questions. Chances are there's a team of security researchers who is eager to take you on as a research topic if you have reasons to believe you are under attack from a nation-state security agency or similar.
- Could you be a "useful idiot" for someone trying to reach a high-profile target? Like, are you personal friends with Lois Lane and Clark Kent? Or are many of your friends the president of Lugunda, or guerrillas from the People's Liberation Front of Elbonia?
There are indications that cybersecurity ops from several countries are equipped to break into systems using "zero-day exploits". This means that there is a security problem which has not yet been communicated to the vendor, let alone fixed with a security update. We can't rule out the possibility that there is an attacker right here right now who has access to your system using secret back doors. But they are unlikely to risk spending such valuable assets on a low-priority target -- every exposure increases the risk that they could get caught.
Of course, if any of this sounds even remotely plausible, you would not loan your device to strangers in the first place, let alone reveal your password to them.
Though really, there should never ever be a scenario where you reveal your password to anyone. If you did, by all means, yes, change it.