Apple Passwords has a problem...

Apple introduce a stolen device protection option awhile back. When this is turned on, it introduces a delay to changes in security settings. You can enable this feature to be always on, or when away from familiar location. This prevents the scenario that you have descrived where if the phone is stolen by someone who knows the code, they will be unable to switch off find my iphone or any security feature. They will also not have access to your password without face ID and there is no way to switch off faceid without the delay. Hope this helps.

This is why you should set up a six digit passcode. Shoulder surfing has statistically shown that it is far harder to guess as opposed to other Android biometric methods.

Best Advice - Quit using 4 digit passcodes for anything. Start using a long passphrase to access your devices. It's a lot harder for someone to remember a long passphrase one letter at a time if they're looking over your shoulder.

You can set Passwords to require Face ID to open but apple needs to make the settings app require Face ID

You can also create a custom alphanumeric passcode using letters, which is even harder to memorise when shoulder surfing.

It is possible at least to set your iphone passcode to some things other than 4-digits, Apple support writes: Change Passcode: Enter a new six-digit passcode. Or tap Passcode Options to switch to a four-digit numeric code, a custom numeric code, or a custom alphanumeric code..... so a custom alphanumeric code is a bit harder to get to.... but good advice in the video :-)

Something you haven’t mentioned was to disable access to control centre when the phone is locked.

I don’t like my new iPhone 16 plus. It’s to complicated…

Correction, Passwords has been around since IOS 17. You got this from an article? Sounds to me like you're embellishing on the story a bit. You say in your take on what you "read" is that her credit card information and banking info is "probably" stored on her phone, they sold her phone and cleaned her out. Really? You can't possibly know what she used her Passwords App for to make this claim. Setting up Passwords, you use facial recognition in order to open it. If set, that is the ONLY thing that will open Passwords App.

if you loose your phone and your passcode to the same person..that’s a YOU problem not an apple problem.
stolen device protection has been enabled which makes it impossible for anyone to change your passcode within a set time which is more than enough time for her to lock the thieves out of her device…this video sounds like a hit video wrapped in cute paper

stop using 4 digit passcode use 6 digit

Apple introduced stolen device protection almost a year ago, you should do more research before posting a video. Also, don't use 4 digits to lock your phone, use 6.
I did learn something from this video... I learned to not take advice from someone who does not know what they are talking about but posts a video to give technical advice based on something they read in an article.

9-24-24. Then there is the Apple watch Series 10 with its own selectable 4 or 6 digit or a custom access code that can be set to mirror and open its pared iPhone. Know this, for several years that two person surfing scam (you described) has been used nation wide particularly in noisy busy bars when a target person has had a few drinks. If the team has the access code and is unable to steal the phone in the bar then there is a risk when leaving the bar of being mugged by the team to steal it that way. Note that that pass code/iPhone theft scam is also accomplished using children.