I'm locked out...how do I find out for how long

[Tiptizzle]

I can view the time without unlocking it (4s)...but the password was put on for a reason and blaming apple for it

Not the time of day. The amount of time until you can unlock your phone.

----------

You don't want attackers to have any information.

They give away a lot of information anyway. If you have the standard code, you know it's all digits because the iPhone displays the numerical pad. You know it's 4 characters because the iPhone doesn't require you to hit enter. We give up security for ease of use. I think displaying the amount of time you are locked out helps more than it hurts. Especially if someone has taken your phone and has unlimited time to guess the password.

 

[Sodner]

My wife was "playing" and trying to guess my pass code on my 5s. She got a bad look on her face and handed me the phone. I looked and was like "What the ____ did you do?!" It said it was disabled but after about a minute it did come back. And YES she no longer even attempts to play guess the pass code.

So I can state that at least the first time you get locked out it is not that long and it does not require a connection to iTunes to come back.

 

[posguy99]

Does not displaying the time until you can enter your password again really increase security?

Yes. You don't want the attacker to know how long it is before he can try again. That's basic.

 

[Tiptizzle]

Yes. You don't want the attacker to know how long it is before he can try again. That's basic.

Why do you want them to know whether it's a numerical password and how many characters it has? That's way more important. Someone that has possession of your phone could just keep it until they can try again. If your kid messed up the password 3 times, it's very useful to know when you can use your own phone again. And besides, they told you how long in all of the other versions of iOS, why change now?

 

[Armen]

Handguns don't have pin codes!

Can you imagine if they did? Run around the house trying to unlock your gun while an intruder is chasing you.

 

[jww062]

Not the time of day. The amount of time until you can unlock your phone.

----------



They give away a lot of information anyway. If you have the standard code, you know it's all digits because the iPhone displays the numerical pad. You know it's 4 characters because the iPhone doesn't require you to hit enter. We give up security for ease of use. I think displaying the amount of time you are locked out helps more than it hurts. Especially if someone has taken your phone and has unlimited time to guess the password.

I think part of the idea is if somebody has your phone and see it's unlocked for 21 more minutes, they'll look again in 21 minutes and try again. If they don't know it's unlocked for 21 minutes, they may not look again for another hour. Basically, telling them exactly when it will be unlocked would allow them to set a schedule for them to more efficiently try to break into your phone.

 

[deeddawg]

My wife was "playing" and trying to guess my pass code on my 5s.

 

[posguy99]

Why do you want them to know whether it's a numerical password and how many characters it has?

You don't. Turn off Simple Passcode. That option shouldn't be there in the first place. Apple will remove that in due course, I'm sure.

And besides, they told you how long in all of the other versions of iOS, why change now?

So Apple should never fix security problems?

 

[CyBeRino]

Why do you want them to know whether it's a numerical password and how many characters it has? That's way more important.

You don't want them to know anything. And you want them to be able to deduce as little as possible. Yet at the same time you want the authorised user to be able to get in with as little hassle as possible. So it's a balancing act between two polar opposites.

Someone that has possession of your phone could just keep it until they can try again.

That gets boring pretty quickly once you don't know how long you're going to be waiting for. You'd have to either monitor the device constantly (wastes time like a mofo) or come back randomly (slows you down significantly, even beyond the lockout.)

If your kid messed up the password 3 times, it's very useful to know when you can use your own phone again.

I agree it'd be useful if there was an alternative way to unlock the phone in situations like these. But until there is, this is the secure way. It's not meant to protect against toddlers but against people actually trying to compromise your privacy.

And besides, they told you how long in all of the other versions of iOS, why change now?

Every now and then they figure out something is a security issue and then fix it.

 

[Tiptizzle]

You don't. Turn off Simple Passcode. That option shouldn't be there in the first place. Apple will remove that in due course, I'm sure.



So Apple should never fix security problems?

To give you that option is a far greater security risk than simply telling you how long until your phone is unlocked IMO. And is it really fixing a security flaw since they had to actively put it there in the first place? It's a design choice much like the simple passcode.

If the lockout or passcode becomes too big of a hassle, no passcode will be used at all. Much like passwords at work get written down and stuck to the bottom of the keyboard since we have 3 different passwords that have to be changed too often, it makes it completely useless.

 

[PNutts]

In a beta thread this topic came up. IIRC the sixth attempt locked it for a minute, the seventh for five minutes, etc. It makes sense that a two year old would keep trying and increasing the timeout.