As expected, the next update to Windows Phone 8.1 has delivered the ability to completely block a Windows Phone if it is stolen, such that even a hard reset will not make it usable again.
The feature, called “Reset Protection” by Microsoft, would prevent a thief from bypassing a password on a Windows Phone running WP8.1 Update 2 by hard resetting the phone, flashing a new ROM or even flashing an old version of Windows Phone. Devices will only usable by users with legitimate Microsoft Accounts and passwords:
The documentation reads:
Introduced in Windows Phone 8.1 GDR2, Reset Protection helps you secure a device in case it is stolen. It must be enabled on the device during manufacturing time.
Reset Protection consists of the following parts:
- Reset and reactivation protection – The stolen device cannot be reused by resetting or flashing the device. When a user performs a factory reset on the device, they will be asked to enter the Microsoft Account credentials that are associated with that device. Additionally, if the device is flashed with a new image and Reset Protection is turned on, the Microsoft Account credentials that were associated with that device is required to finish OOBE and use the device.
- Anti-rollback protection – If Reset Protection is enabled, the stolen device cannot be flashed to an earlier version of the operating system that did not support Reset Protection.
OEMs will however still be able to request an unlock key from Microsoft for users who legitimately forgot their password, though this is likely to be a cumbersome process, with OEMs required to upload a Excel spread sheet with the IMEI numbers of the affected devices to Microsoft’s Reset Protection Unlock Page.
Microsoft has been promising this feature for Windows Phone since early last year, after a similar feature in the iPhone was shown to massively cut down on phone thefts.