Apple provided a new Stolen Device Protection feature through iOS 17.3 Beta yesterday. When activated by the owner, a stolen iPhone will become difficult to use, rendering it virtually useless to thieves.
Among the tactics used by thieves is spying on the phone's lock code/password. After the phone is successfully stolen, they only need to enter the lock code/password to perform an Apple ID reset, turn off Find My, and view the password saved in iCloud Keychain.
Stolen Device Protection will require identity verification using Face ID or Touch ID first when resetting the device. If the reset is performed in an unknown location, two Face ID or Touch ID verifications are required within an hour. This will make the process of resetting the iPhone impossible by non-real owners.
There is no time gap of an hour between Face ID or Touch ID authentication if the reset is done in a known location such as at home for example. Apple says Stolen Device Protection is only accessible and needs to be manually activated by iOS 17.3 Beta users. It is still in experimental stage and not given to all users when iOS 17.3 update.