Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Quietly Added New Passcode Requirement for Touch ID
- Thread starter MacRumors
- Start date
- Sort by reaction score
If they are sleeping around that much I imagine they are bragging about it right after.
Try setting up TouchID five times for the same thumb (instead of different fingers). Also, set two of the five up for a damp/waterlogged thumb (i.e. Washed dishes or showered). Dry the superficial skin beforehand of course.
Are you using a 5s?
Apple picked 8 hours so now when people see that they have to enter a password in the morning, they can't assume the iPhone crashed and rebooted.
Oh you have to enter a pass code? It is for better security, not because your iPhone rebooted overnight.
Actually they don't have to. I mean consider how many Android OEMS even bothers to follow Google's monthly security patches. If they don't even care about known security vulnerabilities, why should they care about the user's security?
Yes, but if someone is trying to steal your phone and get you off it's trail, shutdown can prevent FMiPhone from locating it until you bring it back on.
Home & Hold restart will bring it right back online. And it'll require passcode at that point anyway.
They could make it a feature of lost mode so that it would have to be explicit ly enabled.
Most people are not setting up a new phone, if they had 4 pin from a previous restore, they will have 4 in iOS 9. Majority of users are existing iPhone users with backups
Please don't confuse lazy and really smart. A long alphanumeric passcode is not ultimate security , it's better security.
Exactly this.
I've never set up a password on my phone because:
A) I'm not doing anything wrong. Go ahead and waste your time looking through my phone.
B) I don't keep anything important on my phone.
That wasn't my opinion... You are not accounting for existing devices that were upgraded to iOS 9. If people aren't forced to change there passcode, they never will. You should know that.
[doublepost=1463636031][/doublepost]
Don't get in the way of my right and want for privacy.
Think about what you are saying. You have to hold down the home button and the lock button to do a hard reset, correct? That means your thumb will be on the Touch ID sensor during that process and your thumb could authenticate Touch ID to accept the hard reset.
And as others have said, hard resetting the phone will auto-reboot the device, which brings you back to the passcode screen (which means the phone is online and can be tracked by Find My iPhone). Simple shut offs need to be authenticated to prevent someone shutting the phone off and stealing it.
Okay, so Touch ID was meant to be an easier way to unlock the device, but Apple for some unknown reason requires people to use Passcode pretty much all the time... Then why the f*** do we have Touch ID?
Agree. Though it seems that after the FBI spat, security is going to used as a markerting feature of the iPhone to sell more units.
Though I'd love to be a fly on the wall when TC talks security with the Chinese though. He must have two very different speeches contradicting themselves .
[doublepost=1463636950][/doublepost]
For Apple Pay $$$$
I don't get the 8 hours, for many people , that now means they will be forced every morning to put in the passcode again.
On the flipside, when you are used to using touchid all the time, to now having to put in your pin again ad hoc , I can see people going back to 4 pin passcode for quicker access...
The messaging is different for those different cases, so nothing is being hidden there.
[doublepost=1463637085][/doublepost]
Well, if you only hold it until the phone shuts off and not beyond that I recall it won't reboot and stay off.
Thst said, there's always simply popping the SIM out too.
[doublepost=1463637189][/doublepost]
Well, the reset method is primarily there to work when things aren't working, so having it tied to TouchID functionality would get in the way of that as it then might not work if the system hangs and can't authenticate or even recognize something through TouchID.
[doublepost=1463637258][/doublepost]
If by "pretty much all the time" you mean "fairly rarely", then that puts it in the right context.
Fair point. But I'm sure something could be setup via a combination of hardware/software that could prevent Touch ID from locking up incase of a system failure. Not saying it would be easy, but I'm sure it would be possible. But it doesn't matter, because a hard reboot auto-reboots the device bringing it back online. So only a normal shutoff would need to be authenticated.
No, not at all. It was simple with the 5S/SE and before, but with the iPhone 6's curved design, you have to unglue the display, disconnect plenty of crap, and then remove the battery. But by the time you successfully do that, you probably already broke the phone so there wasn't any point at all in all of this.
In fact, as Apple makes everything thinner, they will most likely make the battery harder to reach, so it is technically possible to make a hyper-locked phone and prevent any unauthorised shutdown.
For example, they could make it so that in order to enable Airplane mode, you had to fingerprint your device. If you just disable Wi-Fi, it would probably only disable actual router connectivity, authorised internet hotspots and Apple Store hotspots would still be very lightly enabled in order for location detection exclusively (after all, it would not hinder on a regular user's tasks in any way). It's only a matter of time before they (or whoever they sell this to) come across a hotspot or ANY Internet connection if the latter enables it, which is required in order to set up the device, and the device gets locked and localised. Also, constantly resetting is not an easy task. You'd literally have to spend multiple hours trying to constantly reboot the device until the battery shuts down. Absolutely unrealistic.
Another idea goes back to the "light Internet" idea I proposed. Maybe let the user enable a feature that allows extremely light (probably less than a MB per hour) internet connections to anything they authorise when Wi-Fi is disabled. If they have connected their phone to the Wi-Fi of their favourite restaurant, the moment the thief comes across would get the phone to establish a light connection and do its usual routine. Of course these are just ideas.
Then of course, all you need next is a system that boots fast and very powerful antennas to capt all Internet, and then your phone is protected beyond belief. Add to the fact that Apple's encryption is going to improve most likely, which means even hackers looting for info would be out of luck, unless they're VERY advanced.
I wanted to confirm what I recalled earlier and jus tried it out myself--it's pretty easy to just shut down the device and not have it reboot using the reset method, you just have to let go of the buttons as soon as the device turns off (rather then continue holding them to have it reboot after that).
You're right, and I know its doable, as I do it here and there (so thats my bad for the oversight). Its not the 'easiest' though. Now, someone stealing someone's iPhone will probably know how to do this for the purpose of keeping it offline, but for the vast majority of people, I think it will auto-reboot because they would need to practice timing. So, I guess that goes back to my previous thought, some type of hardware/software combination that could prevent Touch ID from getting caught in a system hang.
Added to that... if you use a difficult to remember alphanumeric passcode and use Touch ID, chances are that if you always use Touch ID you might forget the alphanumeric passcode...
lol
lol
Well, that's the thing, it would be functionality that would be there to make something work that can't be relied on as a reset essentially has to be a "stupid" hardware switch to just flip that doesn't reply on anything, basically on the level of cutting the power (unplugging/pulling the battery).
What I find super annoying is having to put in my Apple ID password the first time u want to download something in the store. Why isn't TouchID enough? You already had to put in the passcode after the reboot anyway. Are they saying TouchID isn't trustworthy enough to confirm its really you?
Lol I like this. I don't mind putting in my passcode once a day for this. I shouldn't laugh as this is a touchy subject when we think about it, but it's such a sneaky move by Apple. And it just makes me chuckle when I think about how deflated this must make Comey and company feel.
[doublepost=1463641356][/doublepost]
All the time? It's once a day, MAYBE twice if you never use your phone except for those two times. For a little perspective, the average person unlocks their phone something like 70 times a day. 1/70 is like nothing.
[doublepost=1463641356][/doublepost]
All the time? It's once a day, MAYBE twice if you never use your phone except for those two times. For a little perspective, the average person unlocks their phone something like 70 times a day. 1/70 is like nothing.
Last edited:
Especially since I can buy anything else via Apple Pay and Touch ID, doesn't make any sense.