Q: My iPod touch, running iPhone OS 3.0, was recently stolen. My 3 email accounts (2 GMail, 1 Hotmail), Facebook account (via the Facebook app) and Twitter account (via the Twitterrific app) were all active on it. My question is two-fold. Firstly, is there any way of performing a remote wipe without MobileMe? Secondly, I have changed the passwords for all my email accounts, Facebook and Twitter, does this help? Do you know if when you open the Mail and Facebook apps (and others) whether they check if the password saved is still the correct one? Any advice or help is very much appreciated! Many thanks.
A: Unfortunately, the Remote Wipe feature is only available for users who have MobileMe or Microsoft Exchange accounts configured on their device. Without having a MobileMe account configured, Apple is not really in a position to help you as it is the MobileMe account on your device that communicates with the MobileMe servers at Apple to register your device with their network for the Find my iPhone and Remote Wipe features.
The good news is that changing your passwords for your e-mail, Twitter and Facebook accounts will successfully prevent further access to those services. Essentially, each of these apps still has to “log in” to the appropriate services using the password saved on the device. If you have changed this password, then the old password still on the device will be invalid, and the applications will be unable to log in.
In the case of Facebook, the user will be prompted for a password as shortly after they open the Facebook application, and none of the existing data will be accessible without logging back in with the new password. Note, however, that if the user starts the Facebook app without Internet connectivity, any information that was displayed on-screen in the app when you last exited it will still be shown, although they will not be able to access any additional information.
In the case of Twitterrific, no further tweets will be downloaded into your timeline, nor will it be possible to post any new tweets. However, as Twitterrific caches any information previously downloaded, this data may still be available on your device.
Lastly, the same concept applies in the case of e-mail. The ability to receive any new e-mail will not be possible without knowing the new password, but any existing messages that were already downloaded will still be stored on the device and can be viewed by anybody with physical access to the device.
Other information on the device, such as contact and calendar info is not protected in any way without setting a passcode lock on the device in general.
Note that if you have specified a passcode on your device, it will not be accessible by anybody who does not know the passcode. Even connecting it to any iTunes library other than your own will simply display an error message that the device is locked. Further, increasing delays between unsuccessful passcode attempts will make guessing the passcode unlikely.