Using Mobile Security on two Android phones, I sent an SMS from one to the other containing the text
bd-12345 locate
in order to simulate locating a stolen phone. In order for this to work, you have to include the unlock PIN for the remote phone (e.g. 12345) in the SMS message you send.
I correctly got back an SMS from the remote phone with a link to Google Maps showing me where it was.
However, the remote phone that received the SMS showed the whole text message, including the unlock PIN (12345), on the screen, so any would-be thief now not only knows that I've tried to locate my phone but they also know the unlock PIN!
This would be even worse if I'd sent 'bd-12345 lock' in order to lock the stolen phone, as the action of locking it would also tell the thief, via the SMS message, the PIN they needed to unlock it again.
Surely this can't be right? Shouldn't the SMS containing the command remain hidden on the receiving phone?