A bug in iOS 7 has been discovered that allows users to disable Find My iPhone without even entering a password according to a recent report from MacRumors. This security flaw applies to all iOS Devices running iOS 7.0.4 or below (iOS 7.1 does not contain this flaw).
All you have to do is make a few basic changes in the device’s iCloud account. Unlike other settings that require a password, this particular method allows someone with malicious intent to disable Find My iPhone and delete the iCloud account on a device without even entering a password.
This means if someone stole your device they could easily disable the Find My iPhone service which means you would have no way to track your device. And considering Find My iPhone has a proven track record of helping users recover lost and stolen devices it’s certainly not a good.
So how can you safeguard yourself against this security flaw?
Ensure that your device is protected by TouchID if you have an iPhone 5s, if you don’t have a 5s then simply ensure that you have a lockscreen passcode set at all times.