An iPhone thief stole up to $2 million by watching people type their passcodes. Here's how to protect yourself.

• An onetime thief told The Wall Street Journal how he'd access iPhones and drain bank accounts.
• He'd chat up a drunk person and copy their passcode. That gave him access to everything else.
• Apple is soon rolling out an update to turn on "Stolen Device Protection."

Wall Street Journal columnist Joanna Stern interviewed an iPhone thief who's in prison for using iPhone passcodes to make his way into people's phones.

Once he got into the phones, he and his crew drained victims' bank accounts to the tune of up to $2 million in total, her reporting says.