SENTINEL is an optional decoy lock screen with a secret duress PIN. Enter it — even under coercion — and the phone appears to wipe itself, your trusted contacts are alerted, and the thief's location is captured. Nothing real is ever deleted.
iPhone · Privacy-first · Your data is never touched — the wipe is pure deterrent.
Modern iPhones are hard to resell, so theft has shifted from the hardware to what's inside it: your photos, messages, banking apps and identity.
Thieves increasingly watch or force victims to reveal a passcode before snatching the phone. At that point the device is fully open and every native protection is bypassed.
In the minutes after a theft, a thief can disable Find My, change the Apple ID and exfiltrate data. There's no built-in way to stall them or quietly raise the alarm.
Victims are left blind: no location, no alert to trusted contacts, no deterrent — just a stolen phone and a race against the clock.
One secret PIN, entered like a normal unlock, silently does three things at once.
SENTINEL holds the screen as a pixel-accurate iPhone lock screen. The thief sees nothing unusual.
The secret 4–6 digit emergency PIN is entered — by the owner or under coercion. It mimics a normal unlock.
A staged ~20-second erase sequence convinces the thief the phone is being bricked and is worthless.
Trusted contacts receive an email with device, owner, timestamp and a live Google Maps location link.
When the duress PIN is entered, SENTINEL launches a staged erase animation — percentage counter, spinner and authentic system-style messages, ending on “Reset Complete.” Psychologically, the thief believes the phone is bricked and has no resale or data value.
Behind the scenes, no real data is ever touched. Your PIN is stored only as a one-way hash, location is captured solely on trigger and only if you opt in, and every record is isolated by row-level security.
Explore all featuresProtect a single device, or up to five. The primary account holder is the administrator; everyone else joins as a member with limited access.
The administrator sees every member device, its PIN-configuration status, and a live feed of recent wipe events across the group.
Members manage their own PIN and trusted contacts only — limited access, enforced at the database level by row-level security.
The admin invites members by email invite code. Each device gets a custom label like “Sarah's iPhone 15 Pro” used in every alert.
Native protections assume the phone stays locked. SENTINEL protects the coerced-unlock and post-theft window where they fail.
Get SENTINEL