Apple has verified that Stolen Device Protection will be activated by default for enterprise devices upgrading from iOS 26.4 to iOS 26.4.1, and from iPadOS 26.4 to iPadOS 26.4.1. This functionality is part of Apple’s ongoing initiative to bolster security across its devices.
### iOS 26.4 Had Previously Activated the Feature by Default on Non-Enterprise Devices
With the recent launch of iOS 26.4.1 and iPadOS 26.4.1, Apple has issued updates that encompass bug fixes and enhancements. Significantly, the release notes mentioned that the update addressed a CloudKit bug impacting iCloud data synchronization. Apple has also revised its support page to validate that Stolen Device Protection will be automatically activated for enterprise devices during this update.
### Apple Continues to Strengthen Security on Its Devices
This action follows Apple’s earlier choice to enable Stolen Device Protection by default for non-enterprise devices in iOS 26.4. Initially introduced in 2024, this feature provides extra security layers for sensitive operations when an iPhone is outside recognized locations, necessitating biometric authentication for accessing saved passwords or altering account settings. It also imposes a delay for high-risk actions to thwart unauthorized access.
#### How Stolen Device Protection Operates
Stolen Device Protection incorporates various security protocols:
– **Biometric Authentication**: Activities such as accessing stored passwords and payment methods require Face ID or Touch ID, with no alternative fallback, ensuring that solely the authorized user can utilize these features.
– **Security Delay**: Specific actions, such as altering an Apple Account password, require waiting an hour and executing additional biometric authentication.
The update follows Apple’s proactive measures to rectify security vulnerabilities, including those unveiled by the Coruna and DarkSword exploits. Recent updates have been rolled out to fix these vulnerabilities across both legacy and current versions of iOS and iPadOS.
Moreover, the timing of this update aligns with Anthropic’s declaration of its new AI model, Mythos, which is intended to detect security weaknesses in operating systems and browsers. While the choice to enable Stolen Device Protection by default for enterprise devices may not be directly associated with recent exploits or the influence of Mythos, it highlights Apple’s dedication to enhancing user security.
For additional details on Stolen Device Protection, users can check Apple’s support page.