Become a MacRumors Supporter for $25/year with no ads, private forums, and more!

Creating a more secure iPhone passcode

Texas_Toast

macrumors 68000
Original poster
Feb 6, 2016
1,716
327
Texas
I have a new iPhone 11 Pro Max with iOS 13. (Will likely upgrde to iOS 14 when I have time.)

What things can I do to make my passcode more secure?

Typically the length of a password, or pass-phrase, is your best way to gain security.

Is there a way to make my passcode longer than the default 6 digits or whatever?

Does anyone here use letters and specil characters, or does that not even make sense on an iPhone?

Any other suggestions for greater security?


Here is an interesting article from the NYT: The Police Can Probably Break Into Your Phone

In this article they say that a 6-digit iPhone passcode only takes 11 hours to guess, yet a 10-digit code takes 12.5 years...
 

C DM

macrumors Sandy Bridge
Oct 17, 2011
50,863
19,032
I have a new iPhone 11 Pro Max with iOS 13. (Will likely upgrde to iOS 14 when I have time.)

What things can I do to make my passcode more secure?

Typically the length of a password, or pass-phrase, is your best way to gain security.

Is there a way to make my passcode longer than the default 6 digits or whatever?

Does anyone here use letters and specil characters, or does that not even make sense on an iPhone?

Any other suggestions for greater security?


Here is an interesting article from the NYT: The Police Can Probably Break Into Your Phone

In this article they say that a 6-digit iPhone passcode only takes 11 hours to guess, yet a 10-digit code takes 12.5 years...
The device will start putting in delay periods between guesses when a few incorrect ones are made in a row, so it would take way longer than something like 11 hours to guess a 6-digit passcode. Even a 4-digit one would take a long time because of those delays, short of some educated guessing and luck.

That said, there are options to use a custom numeric code (a longer passcode) or even a custom alphanumeric code (a passphrase): https://support.apple.com/en-us/HT204060
 
Comment

Texas_Toast

macrumors 68000
Original poster
Feb 6, 2016
1,716
327
Texas
The device will start putting in delay periods between guesses when a few incorrect ones are made in a row, so it would take way longer than something like 11 hours to guess a 6-digit passcode. Even a 4-digit one would take a long time because of those delays, short of some educated guessing and luck.

Except the article that I linked to mentions that police departments have software to get around these time delays thus meaning they can brute-force your password.



That said, there are options to use a custom numeric code (a longer passcode) or even a custom alphanumeric code (a passphrase): https://support.apple.com/en-us/HT204060

If I want more security, what approach makes the most sense?

What do all of you do for your passcodes?
 
Comment

C DM

macrumors Sandy Bridge
Oct 17, 2011
50,863
19,032
If I want more security, what approach makes the most sense?
Well, if more security is basically the only/main factor, then the more complex and longer the code (likely the alphanumeric one) is the more secure it would be (although potentially the less convenient it would be to enter when needed).
 
Last edited:
  • Like
Reactions: Texas_Toast
Comment

mike1123

macrumors 6502
Sep 19, 2007
271
34
iOS allows you to use normal passwords in lieu of the 4-6 digit passcode. Your best bet for a balance of convenience and security is a combination of Face ID and a sentence as your passcode. Sentences, while easy to remember, are very difficult to crack.
 
  • Like
Reactions: Texas_Toast
Comment

cdcastillo

macrumors 65816
Dec 22, 2007
1,408
819
The cesspit of civilization
I have a longer alphanumeric password, that option is baked right into your phone, you just have to select it.

And regarding suggestions for a stronger password, I give you the recommendations of someone way more sage than I (xkcd):
1603480884519.png
 
  • Like
Reactions: Texas_Toast
Comment

Texas_Toast

macrumors 68000
Original poster
Feb 6, 2016
1,716
327
Texas
iOS allows you to use normal passwords in lieu of the 4-6 digit passcode. Your best bet for a balance of convenience and security is a combination of Face ID and a sentence as your passcode. Sentences, while easy to remember, are very difficult to crack.

How does a combination of Face ID and passcode help?

With a Face ID then I cross over into privacy concerns, although that's a whole other thread/deabte...

So I can use alphanumeric characters?

Not knowing how to use a phone as a phone, I guess I have to learn how to use the keyboard?

I did use the keyboard to log into my Apple account and it took f-o-r-e-v-e-r...

On my MPB and rMBPs, I have been using pass-phrases for a couple of years.

While more secure, I'm wondering if that will make it nearly impossible for ME to get into my phone?

Although, since I can apparently use the camera app without logging in, I guess that helps?

But to use FilmicPro and access Settings to turn my personal hotspot on and off would then require me to log in, right?
 
Comment

Texas_Toast

macrumors 68000
Original poster
Feb 6, 2016
1,716
327
Texas
I have a longer alphanumeric password, that option is baked right into your phone, you just have to select it.

And regarding suggestions for a stronger password, I give you the recommendations of someone way more sage than I (xkcd):

Good advice for people to read and understand.

Yes, I already knew this.

My question was more trying to understand what my options are on an iPhone, and which one is managable.

For instance, I wasn't sure if I could have a passcode that long, or if I could use the whole alphanumeric character set, or if it is reasonable to try and type that in. (I guess I already know the answer to the last question!)
 
Comment

Natzoo

macrumors 68000
Sep 16, 2014
1,550
292
Im not sure if this was said before but disable USB accessories in the Face ID and passcode menu in settings.

I also disabled home control, control center, and notification center.
 
Comment

C DM

macrumors Sandy Bridge
Oct 17, 2011
50,863
19,032
My question was more trying to understand what my options are on an iPhone, and which one is managable.

For instance, I wasn't sure if I could have a passcode that long, or if I could use the whole alphanumeric character set, or if it is reasonable to try and type that in. (I guess I already know the answer to the last question!)
As mentioned earlier, those are all possible options:
That said, there are options to use a custom numeric code (a longer passcode) or even a custom alphanumeric code (a passphrase): https://support.apple.com/en-us/HT204060
 
  • Like
Reactions: Texas_Toast
Comment

mike1123

macrumors 6502
Sep 19, 2007
271
34
Im not sure if this was said before but disable USB accessories in the Face ID and passcode menu in settings.

I also disabled home control, control center, and notification center.

Unless you use CarPlay, in which case you would not want to disable USB accessories.

Regarding security, the bottom line is that security and convenience are at odds. You must sacrifice one to have the other. The realistic thing to do is find a balance that works best for the individual, while still educating them about some outright bad ideas (like using bad passwords, or no password at all). Face ID and Touch ID, while not 100% secure, offer vastly improved convenience with a fairly small compromise on security. Remember, nothing is completely secure. The goal is to make a system secure enough that the cost to break in outweighs the value of doing so. That is one of the core foundations of an adequate security program.
 
  • Like
Reactions: Texas_Toast
Comment

Natzoo

macrumors 68000
Sep 16, 2014
1,550
292
I would also like to add that you should turn off significant locations in the privacy menu of settings, if you need help accessing that, I can send a screenshot. Leaving that on records all the locations you visit, time, and frequency. Useful for navigation but can be used against you (or delete some of them).
 
  • Like
Reactions: Texas_Toast
Comment

Texas_Toast

macrumors 68000
Original poster
Feb 6, 2016
1,716
327
Texas
I would also like to add that you should turn off significant locations in the privacy menu of settings, if you need help accessing that, I can send a screenshot. Leaving that on records all the locations you visit, time, and frequency. Useful for navigation but can be used against you (or delete some of them).

I *think* that I have everything turned off on my new iPhone - unless I made some mistakes.

To put things into perspective, out in the field I keep telling interviewees, "Please give me a minute while I set up my camera..."

It doesn't even have a SIM card in it, although I may migrate my SIM card from my iPhone 6S Plus as I phase that one out, but then again, maybe I will just keep my iPhone 11 Pro Max as an "offline" camera/video-camera?

That being said, I'm not sure if I even needed to create this thread, as I tuned OFF the passcode after using it for 2 days...

But I always like to expand my knowledge, and at least know my options for securing my iPhone 11 more f I decide to do that...
 
  • Like
Reactions: Natzoo
Comment

Gsmaniac

macrumors regular
Apr 3, 2014
134
104
My cousin used the pass phrase option so that the full keyboard would pop up when entering a password. Thus any normal average person would look at it and assume it was a long complex password. Yet she just used “é”. Simple in its brilliance.
 
Comment
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.