Silly question as a non iPhone user
Can you update an iPhone without unlocking it?
Locked-out iPhone user tells The Reg that Apple is scrambling to fix character flaw passcode bug
Apple is finally working on a fix for a bug that has locked some users out of their iPhones for months, The Register understands. Cupertino's iOS engineers apparently became aware of the Czech keyboard blunder last week via university student Connor Byrne's Reddit post and set out to fix it in an upcoming iOS 26 release. …
-
-
Friday 17th April 2026 10:25 GMT Headley_Grange
Re: Silly question as a non iPhone user
In theory you can by connecting it to a Mac or PC and running recovery/DFU mode. I say "in theory" because Apple these days seems to have moved off the 'reliably boring" step onto the "break things" step. If the user hasn't got a Mac or PC then they ought to be able to get it sorted out in an Apple shop.
It's hard to understand how this change survived any sort of requirements review or design review but the good old reliable Upsilon testing picked it up.
-
Friday 17th April 2026 10:36 GMT Andy Taylor
Re: Silly question as a non iPhone user
I would imagine that the user unlocked their phone with the password on the working version of iOS then updated it to the broken one.
Since the update process reboots the device, it will disable Face/Touch ID and require the PIN or password to be entered to re-enable it. This was now an impossible task because of the missing character.
Plugging in to a computer would not work either because that requires the PIN/Password too.
The only way out is a factory reset and then restore from backup.
Back up your data folks.
-
-
Friday 17th April 2026 13:04 GMT ChrisC
Re: Silly question as a non iPhone user
But he didn't, he lost access to the phone he STILL had in his possession, solely because Apple pushed an update rendering useless certain previously valid passwords...
Yes, as several of us pointed out in the comments for the original article, it's not unreasonable to use this as another real world example of where having good backups would have helped, but please let's not continue falling into the trap so many others did in those comments of focussing *solely* on the lack of any backups and ignoring the rather significant part Apple played in this user losing access to their data. Because this is a rather salient point - even if you ARE performing good backup policy, there's a good chance access to your data will STILL be at the mercy of the manufacturer of whatever system is required to access the backup.
So unless your backups are being made in a form that you can guarantee will remain readable no matter how badly someone else might mess things up, then are they actually backups at all?
-
-
Sunday 19th April 2026 09:06 GMT MonkeyJuice
Re: Silly question as a non iPhone user
I believe the issue is that until the pin is entered, iOS doesn't initialize any connected USB devices. The fact that Apple themselves are actually addressing this bug implies that even their support engineers fell off the flowchart into "Buy a new phone" territory.
-
-
Sunday 19th April 2026 11:49 GMT MachDiamond
Re: Silly question as a non iPhone user
"Because this is a rather salient point - even if you ARE performing good backup policy, there's a good chance access to your data will STILL be at the mercy of the manufacturer of whatever system is required to access the backup."
A backup that requires a third party to be useful is not a good backup. Sure, it can be handy if you are traveling and want/need to back things up to a 'cloud' drive as a safety measure, that's not a bad idea. To rely on that full time is silly. I have several backups of my critical data both inside my computers and out, on and off site. None of those require internet access, a subscription or the benevolence of some company to make use of them (unless I need to get to a family member's house to retrieve drives as a last resort and need to fill up with petrol and have working roads).
-
Monday 20th April 2026 17:07 GMT Anonymous Coward
Re: Silly question as a non iPhone user
The whole backup thing depends on the scale you are working at. For backing up the work data, with multiple VMs and cloudy stuff, there really is no option but to use backup services and products where it's possible something could go wrong, rendering backups unrecoverable. Unlikely, if you use reputable services, but still possible.
For home computer backups of files I have a simple Robocopy script which copies the lot to a USB SSD. Basic files, so highest chance of them remaining readable. I also back up the non-confidential stuff (music library, etc) to a cloudy service as a fallback, but I certainly wouldn't trust said cloudy service as my only backup!
-
-
-
-
Friday 17th April 2026 15:02 GMT Anonymous Coward
Re: Silly question as a non iPhone user
Yes, put it into DFU mode, connect it to a PC with iTunes or a Mac, it will be detected and you get the choice of updating without erasing anything or a full factory reset (but it doesn't remove the activation lock)
As always, FFS people, back up your data, especially from easily damaged, lost or nickable gear like a phone
-
-
-
-
-
-
Friday 17th April 2026 12:12 GMT Bebu sa Ware
Re: Only the lucky get fixes
"Well it did affect customers from an entire country, not just one person."
Only those Czechs who didn't use the four or six digit pin and did include the Czech háček in their passcode. Probably the one in a million chance that is a certainty. It's only the unlock screen that is affected - the Czech keyboard is fine once unlocked.
Apple is a bit buggered here. If they can break into this phone they have been lying for years to one party or other. If they cannot (or wiil not) then they get slammed for a fairly foolish breaking change.
I guess the world is still ASCII - Make Ascii Great Again.
-
Friday 17th April 2026 13:18 GMT Dan 55
Re: Only the lucky get fixes
That would be like confidently asserting that some other bug only affects the apostrophe on the English lock screen keyboard and who uses that. So what - it can still screw people who log in with a password and used that character and it shouldn't have happened.
Broken software localisation by US software developers (stupid dumb drooling puzzle.jpg) is precisely why it's still an ASCII world.
-
-
-
-
Friday 17th April 2026 12:03 GMT LoonyToonz
Wouldnt an external keyboard work
Its been several years since I last had to do this with an iPhone but using the official camera adapter allowed you to plugin a a USB keyboard so you could enter the pin to enable it to talk to a connected computer.
Had to do it a few times when people broke their iPhone screens so much that they couldn't enter the pin that was required to connect to a PC or Mac to back it up, prior to it been taken to a genius bar for repair.
-
-
Sunday 19th April 2026 01:27 GMT bemusedHorseman
Re: Wouldnt an external keyboard work
And even if it allowed an external USB keyboard, it wouldn't change anything because the keyboard sends key code numbers, not actual text characters (unicode or ascii), and it's entirely dependent on the current locale on the main device to contextually interpret. "Hmm, keycode 35 was pressed while 58 was held. Current environment says this combination corresponds to character č, transmit č to active input field."
The special hat letter was deleted from the locale data itself, so even if it allowed an external keyboard input, there is no combination of keystrokes on any keyboard - not US English, not Czech, not even Korean - that would be parsed as the missing character.
-
-
-
Friday 17th April 2026 12:49 GMT QET
Re: Apple...Or Someone Else?
Would be mighty embarrassing if a 3LA can fix a obscure yet monumental fuckup on Apple's part, and at the same time, point out more security flaws.
Though I'd bet the agencies in question would really prefer to keep those known software loopholes for juicier targets.
-
-
Friday 17th April 2026 14:05 GMT Anonymous Coward
Making the impossible possible ....
Back in2021, when MS were fucking around with their printer privilege problem, their "fix" borked every computer in our network.
"Don't worry" said the support agent "You just need to log into each machine, apply this fix, and good as gold. There is no other way".
"That's nice" I said. "And seeing as you paid to support us, when will you be doing that ?"
48 hours later it was all fixed.
-
-
Friday 17th April 2026 17:02 GMT MadeInNY
Re: Bug?
I've been an engineer for a LONG time, and we rarely deliberately take out things. We do however neglect to put back some things.
Perhaps not much of a difference but never attribute to malice that which can be blamed on incompetence (or more realistically, lack of forethought.) -- My variation on Hanlon's Razor.
-
-
-
-
-
Saturday 18th April 2026 11:46 GMT Richard 12
You cannot
After a power-cycle or firmware update, you must unlock using the onscreen pin or password before any external devices will connect.
I don't think FaceID or fingerprint reader work either until you've unlocked it once. (Certainly this is the case on Android)
I am wondering how the OP is going to install this update, given that it cannot be unlocked. Maybe there is a force firmware update if booted in the recovery/wipe mode.
-
-
-
-
Saturday 18th April 2026 12:07 GMT Eric 9001
I remember reading about
Another used facing the same issue after using an emoji in their password - when apple decided to introduce emoji modifier characters, the extra bytes inserted made it impossible to login.
The current used seems to plan to go out of the fire (iOS) and into the frying pan (Android) huh?
-
Saturday 18th April 2026 15:29 GMT Necrohamster
"The student, 21, used the unconventional method of authentication for his iPhone 13. Instead of using the four-number PIN that most iPhone users opt for"
Speak for yourself. I thought the setup process steered the user towards 6-digit PIN for several IOS generations?
"The only issue was that he used the caron/háček (ˇ) on the iPhone's Czech keyboard as one of his special characters - a character Apple removed in iOS 26, which became generally available to iDevices in September 2025."
You can use an external keyboard over USB-C or a lightning-to-USB adapter, and enter the alt code for the háček
-
Sunday 19th April 2026 08:02 GMT hugo tyson
Password validation before verification = FAIL
I wish I wish I wish all password entry pages/dialogs/apps would have a popup telling you what their password requirements are. That way I would know which password to use there. For unimportant but an-account-is-handy places, I mean, not for anything serious.
I've once experienced something similar on a proper important finance website login. They changed the password requirements "to improve security" by requiring more variety of course. And then put the check in the password entry dialog. So it refused to pass on my actual simple password to the authenticator because it didn't meet the requirements, FFS.
Obviously the check for pw requirements should be in, and only in, the change password routine.
Fortunately the "forgot pw" dance with emails and that sorted it out in that case....
-
Monday 20th April 2026 08:41 GMT Dinanziame
Can't believe that Apple pushed a new keyboard that is unable to write Strč prst skrz krk
