No. How would anyone even know who I am on here? I use 4 digits of my social for lots of things. Again, How would anyone know who I am or what my social is? It's also the login on my Dell computer and my Android phones.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iPhone 11 how bad is it to use 4 numbers as iPhone's passcode?
- Thread starter BlueMoose
- Start date
- Sort by reaction score
I think the more real world concern about this is if you store nudies on your phone, and your coworker tries to look over your shoulder, it would be harder for them to remember 6 digits than just 4.
It’s not about people here, it’s about the fact that your SS# is one of the first things a hacker will try. If they know who you are (or just your stats), they’ll have access to it. A person’s SS# isn’t private information, and should never be used as a password for that reason. Same as birthdays, parents’ names, and street names. All public info.
I don’t care if you’re a nobody, even a vengeful ex can use that info to get into your records, phone, etc. It’s really dumb, no matter how safe you feel
If you’re worried about remembering a bunch of difficult passwords, I highly recommend a password manager. With it, you’ll only need one good master password, and it’ll do the rest for you.
Anyway, that’s my 2¢. Take it as you will.
How long does it take you to tap two extra numbers? And there's 10,000 possible codes for 4 digits and a million for 6 digits.
people always say that it's bad to use obvious ones like 0000, 1111, 1234, 1357, 2468....9999...etc.
however, I wonder if the cryptography experts actually did studies to see if it actually take password cracking software or devices less time when the subject phone uses 0000, 1111, 1234, 1357, 2468....9999...etc.
(as opposed to something like 5920, 9147, 6385, etc..
-
If someone wants to just use a 4 digit passcode (four numbers) it's best to set it up as a custom numerical passcode. That way when logging in, you have to enter your four digits, THEN hit the OK button. Without hitting the OK button, you're not logged in.
This way, a hacker who has your iPhone and is trying to get in has no idea how many numbers the passcode has because the OK button has to be hit to initialize. The passcode could have two numbers or 64 for all he knows
If someone wants to just use a 4 digit passcode (four numbers) it's best to set it up as a custom numerical passcode. That way when logging in, you have to enter your four digits, THEN hit the OK button. Without hitting the OK button, you're not logged in.
This way, a hacker who has your iPhone and is trying to get in has no idea how many numbers the passcode has because the OK button has to be hit to initialize. The passcode could have two numbers or 64 for all he knows
I don't understand why you wouldn't. I have to enter the passcode only once a day. Adding two digits adds a minuscule amount of extra effort for a much harder code to crack.
Please don't use 4 digit passcodes. I don't remember specific details but a while back I read a piece on how there were tools available to crack 4-digit passcodes on iOS without bricking the phone (and these are not available for alphanumberic passcodes).
Personally I haven't used 4-digit passcodes ever since my previous company required it on all corporate phones (this was 1 or 2 years after Touch ID came around). And now that your iPhone passcode gives access to all your Apple Pay cards and effectively replaces their PIN, I wouldn't use a 4 digit PIN.
Personally I haven't used 4-digit passcodes ever since my previous company required it on all corporate phones (this was 1 or 2 years after Touch ID came around). And now that your iPhone passcode gives access to all your Apple Pay cards and effectively replaces their PIN, I wouldn't use a 4 digit PIN.
It’s only dumb if you use 0000 as your passcode like Kanye West did in front of cameras and the president at the clown show meeting.
https://www.nbcnews.com/video/kanye...one-with-passcode-of-all-zeroes-1342136387883
https://www.nbcnews.com/video/kanye...one-with-passcode-of-all-zeroes-1342136387883
A four digit passcode is fairly weak, but the alternative is to have either 6 digits or a multi character passcode which would make it more of a pain to enter for yourself.
I am not a cyber security anything, but cyber security experts talk all day about security and user experience and the fight to balance it perfectly.
Something user friendly is often not secure, and something secure is often not user friendly. If anything a 6 digit passcode is better whilst still maintaining thateasy to use sweet spot but it depends on so many factors.
If you never lose your phone or no one that you don’t want gets it then you could go without altogether but obviously it’s not worth the risk.
Think about how many passcode combinations you can have with just a four digit, 0 to 9 passcode. Turn on the erase feature after 10 failed attempts and that should provide some extra security and peace of mind for you.
Security is a game, often of risk.
I am not a cyber security anything, but cyber security experts talk all day about security and user experience and the fight to balance it perfectly.
Something user friendly is often not secure, and something secure is often not user friendly. If anything a 6 digit passcode is better whilst still maintaining thateasy to use sweet spot but it depends on so many factors.
If you never lose your phone or no one that you don’t want gets it then you could go without altogether but obviously it’s not worth the risk.
Think about how many passcode combinations you can have with just a four digit, 0 to 9 passcode. Turn on the erase feature after 10 failed attempts and that should provide some extra security and peace of mind for you.
Security is a game, often of risk.
Agree these are probably the same people who think signing is faster that chip and PIN. I'd much rather at least have the choice to use Chip and PIN for my credit cards and stop thieves from being able to use it.
The more you have to lose the bigger the Security becomes.
I know people including my parents that don’t have a passcode at all. They’re the only people that it will keep Out!!
But I feel I have a lot to lose so I burden myself to a long Alphanumeric passcode.
That's amazing! I have the same combination on my luggage!
That's true. However... there are a few criteria that have to be met for this to be a problem:
1. You lose your phone
2. The person finding your phone has these tools
3. You are someone who has enough valuable information on your phone to merit the use of these tools
4. They use these tools before you can remotely brick the phone
If you're a CEO, a politician, James Bond, etc... use a better passcode.
But for everyone else... I don't think you should worry.
no matter which passcode option I choose, if I only enter 4 numbers as the passcode, I never see the "OK" button on the lock screen... what am I doing wrong?
thanks!
That's true. However... there are a few criteria that have to be met for this to be a problem:
1. You lose your phone
2. The person finding your phone has these tools
3. You are someone who has enough valuable information on your phone to merit the use of these tools
4. They use these tools before you can remotely brick the phone
If you're a CEO, a politician, James Bond, etc... use a better passcode.
But for everyone else... I don't think you should worry.
I mean, aren't all your banking apps with direct access to your account and credit cards valuable enough? I mean, with my passcode, some dude can buy $3000 worth of hoodies they can use to steal more phones before anyone bats an eye.
It was more of a nuisance when, back when IT implemented this policy, there were still people on iPhone 5s and such with no Touch ID. Nowadays you have to enter it once or twice a week, it's no biggie.
You mentioned "tools available to crack 4-digit passcodes on iOS"
Your average street thug will not have these tools.
Besides... my banking app requires my password anyway. So even if they cracked my phone passcode... they're not gonna have my bank password.
And again... all this has to happen before I brick my phone remotely.
The chances of the bad guys finding my phone... and breaking into my phone... and breaking into my bank app... and doing all this before the phone is wiped... is extremely thin.
I hear what you're saying... but we're not in a spy movie.
If you're really worried about your money... don't lose your credit/debit card.
The bad guys would rather find a credit card on the subway than mess around with cracking a phone passcode.
Have to choose Alphanumeric. Then it will have the OK. Like my daughter has a five digit code, but no one will know how many characters or if it is just numbers or letters or both or if it has symbols etc since you need to tap OK instead of just entering four or six digits.
This morning when I allowed my ex-girlfriend to withdraw cash, but forgot to tell her that I was using a new PIN#, instead of the one that she knew about when we were together.
So you have a valid question but I have to say I’m more concerned you’re letting your ex withdrawal money using your ATM card. Also where do you live that a bank guard pulls a gun on someone at an ATM? And since when does an ATM machine go off with lights and sounds after 4 failed attempts or at all for that matter? So, so many questions.....