Character in iPhone Password Removed From Keyboard
Connor Jones (Hacker News, Reddit):
A university student in the US is in data limbo after Apple removed a character from its Czech keyboard, preventing him from entering his iPhone passcode.
[…]
This is because iOS 18 was the last operating system version that allowed iPhone users to enter the special character – in this case, the caron/háček (ˇ) – using the old keyboard on the lock screen.
[…]
The student has not backed up the files to iCloud either, so they cannot be retrieved via a separate device. Apple support staff have suggested the only way to regain access to the iPhone 13 is by restoring it, which would erase the files of value.
[…]
Apple Support arranged for Byrne to attend a Genius Bar appointment, where the staffer behind the desk made no progress and even started restoring the phone without seeking the student’s consent.
My first thought was to plug in a USB keyboard, but apparently iOS doesn’t allow that before first unlock for security reasons.
Previously:
2 Comments RSS · Twitter · Mastodon
There are some details in the Register article that make this case extra weird. iOS 26 only removed this particular character from the *lock screen keyboard*, not the regular keyboard that's in use when you normally type. What? I didn't realize there was a functional difference between the lock screen keyboard and other keyboards (besides appearance). Furthermore, the Register's testing indicates it wasn't even "removed", it just *stops being entered*: "The OS will not allow users to input the háček as a character. The key's animation triggers, as does the keyboard's key-tap sound, but the character is not entered into the string." This sort of makes it sound like a bug. Or maybe a security fix, but an incomplete one at best. Though this conflict's with the student's own account which says the key was actually removed and replaced with a different character.
They also link to a Reddit article where *multiple* people have been having this same problem, not just one person.
Also, how would you test against this case? Passwords are hashed so there's no way for the phone to know the existing password has a newly-illegal character. I guess just don't remove characters from the lock screen keyboard, ever? Or I suppose you would first have to do an interim update that still allows the character but prompts the user to change their password when they enter it.
"I guess just don't remove characters from the lock screen keyboard, ever?"
Yes, this. Removing a character from the login keyboard is such a dumb idea that it is immediately obvious that you can't do it without locking users out of their devices.
