iPadOS 26 password attempt limit?

[herp]

I'm helping an elderly person with difficulty with an iPad.

This is an iPad 9th Gen, which was restored from a previous iPad Air about a year ago. The old Air is in their iCloud account.

I had advised them not to upgrade to iPadOS 26 and they remained on 18, up until about a week ago when the increased frequency of upgrade nag notifications. They did not have a password set and unknowingly accepted the upgrade. After the upgrade completed and iPadOS takes the user through the welcome wizard, it seems like they couldn't remember their iCloud password and the device was removed from iCloud. They're not tech savvy so they were just trying to get the iPad back to a usable state. They were also prompted to add a password, I assume they thought this meant they had to enter a password to get access and they entered a password they use elsewhere. Now the welcome flow is completed, with no iCloud and a device password. They don't remember what password they used and the device is essentially orphaned.

I'm trying to help them get in but after one password attempt we're locked out for 3 hours, then 24. Is there a "cooling off" period where I can again resume attempting more than one password per day? They have a list of a few possible passwords but I need to try uppercase/lowercase variations, special characters, etc. so I unfortunately need many attempts.

 

[BigBlur]

There's no cool off period.
After 8 attempts, it's a 3-hour wait.
After 9 attempts, it's a 8-hour wait (you said 24?).
After 10 attempts, it's locked (or wiped if that setting was enabled).
This is outlined in the first link below.

Sounds like you only have one more try. If that fails, you may need to connect it to a computer to wipe it and restore from a backup if you have one.

Passcodes and passwords

To protect user data from malicious attack, Apple uses passcodes in iOS, iPadOS, and visionOS, and passwords in macOS.

support.apple.com

How to reset your iPad passcode using your Mac or PC - Apple Support

This troubleshooting article guides users on how to reset an iPad passcode using a Mac or PC.

support.apple.com

 

[herp]

Thanks for the reply.

I guess it was 8, I just figured I would wait 24 hours to try again to see if it "cooled off". But on my most recent attempt it gave me a 3 hour delay. So I guess I only have 1 or 2 attempts remaining? This is beyond frustrating - I understand the security reasons but had iPadOS 26 not been forced on them this never would have been an issue.

 

[I7guy]

Thanks for the reply.

I guess it was 8, I just figured I would wait 24 hours to try again to see if it "cooled off". But on my most recent attempt it gave me a 3 hour delay. So I guess I only have 1 or 2 attempts remaining? This is beyond frustrating - I understand the security reasons but had iPadOS 26 not been forced on them this never would have been an issue.

The problem is people dont understand how critical password management is. You’re blaming iOS 16 when in reality: “the fault lies not in the stars, but in ourselves”.

 

[herp]

The problem is people dont understand how critical password management is. You’re blaming iOS 16 when in reality: “the fault lies not in the stars, but in ourselves”.

I'm sure everyone here on this board understands it. The issue is the "average" person and the complexity burden - this person is in their late 80s. The welcome flow of a software update being pushed/forced on users because Apple doesn't like the cumulative upgrade trajectory is something that I think is not fair to blame the user for. Additionally - it had no password prior to the upgrade. They never used iCloud prior to the upgrade. Now we have a confused user trying to get their device to work - "just get me to the homescreen" more or less. Did they not have the iCloud password when it was needed? Sure. Did they enter something not realizing it was a lock on a device with no second way in? Yes. That has meaning to a tech person like the people on here. Everyone outside that group? Not so sure.

 

[I7guy]

I'm sure everyone here on this board understands it. The issue is the "average" person and the complexity burden - this person is in their late 80s. The welcome flow of a software update being pushed/forced on users because Apple doesn't like the cumulative upgrade trajectory is something that I think is not fair to blame the user for. Additionally - it had no password prior to the upgrade. They never used iCloud prior to the upgrade. Now we have a confused user trying to get their device to work - "just get me to the homescreen" more or less. Did they not have the iCloud password when it was needed? Sure. Did they enter something not realizing it was a lock on a device with no second way in? Yes. That has meaning to a tech person like the people on here. Everyone outside that group? Not so sure.

I understand and read it was an elderly person. This didn’t have to be an iOS update, it could be any issue that somehow caused the iCloud password to not work. I am totally empathetic with the situation. But non-savvy people who set up devices beyond their purvue have to have help so they don’t get locked out.

 

[herp]

I understand and read it was an elderly person. This didn’t have to be an iOS update, it could be any issue that somehow caused the iCloud password to not work. I am totally empathetic with the situation. But non-savvy people who set up devices beyond their purvue have to have help so they don’t get locked out.

How can I ensure that when there is no admin or user management on an iPad? The update nag shows whenever it wants to whomever is using the device.

 

[I7guy]

How can I ensure that when there is no admin or user management on an iPad? The update nag shows whenever it wants to whomever is using the device.

These are personal devices. Unless these devices have an MDM installed it’s a free for all as far as what can be done.

 

[herp]

These are personal devices. Unless these devices have an MDM installed it’s a free for all as far as what can be done.

Right - so there is no way to ensure "non-savvy people" don't lock themselves out. Again, from a purist technology perspective there is a *right way* to do this stuff - have a strong password management strategy, have iCloud set up on the device, have cloud backups enabled, etc. etc. however the real world is not so cut and dry. I really don't think the user is 100% to blame here.

 

[I7guy]

Right - so there is no way to ensure "non-savvy people" don't lock themselves out. Again, from a purist technology perspective there is a *right* to do this stuff - have a strong password management strategy, have iCloud set up on the device, have cloud backups enabled, etc. etc. however the real world is not so cut and dry. I really don't think the user is 100% to blame here.

I’m not sure what you are arguing for here. Non-savvy people can write down passwords. My OH is not tech savvy, yet all of the passwords are on a piece of paper. Not the greatest, but better than nothing. And it works if you spill coffee on it.

There is no way to protect a person from themselves. Again I am empathetic.

 

[herp]

I’m not sure what you are arguing for here. Non-savvy people can write down passwords. My OH is not tech savvy, yet all of the passwords are on a piece of paper. Not the greatest, but better than nothing. And it works if you spill coffee on it.

There is no way to protect a person from themselves. Again I am empathetic.

This wasn't a case of a forgotten password - they were *confused* by the insistence of the update and the subsequent welcome flow which prompted an iCloud password which they were not aware of, and then prompting them to *set* a device password when they never had one set before. They had no idea what the purpose of these passwords are nor why they were being prompted. So the device password is something they would specifically not have written down since they did not know they were setting a new password.

The iPad is a complete appliance to them - turn on, use browser, email, turn off. System management is so far beyond their use case or knowledge base. I'm not arguing this is a significant part of the population but it is absolutely a non-zero percentage. I'm arguing that the insistence of Apple to force iPadOS 26 on all users is malpractice.

 

[I7guy]

This wasn't a case of a forgotten password - they were *confused* by the insistence of the update and the subsequent welcome flow which prompted an iCloud password which they were not aware of, and then prompting them to *set* a device password when they never had one set before. They had no idea what the purpose of these passwords are nor why they were being prompted. So the device password is something they would specifically not have written down since they did not know they were setting a new password.

The iPad is a complete appliance to them - turn on, use browser, email, turn off. System management is so far beyond their use case or knowledge base. I'm not arguing this is a significant part of the population but it is absolutely a non-zero percentage. I'm arguing that the insistence of Apple to force iPadOS 26 on all users is malpractice.

I don’t believe it’s “malpractice”. Certainly no different than a smart TV with Netflix, Amazon etc where you have to enter your passwords. But we each see things differently.

 

[herp]

I don’t believe it’s “malpractice”. Certainly no different than a smart TV with Netflix, Amazon etc where you have to enter your passwords. But we each see things differently.

Not at all. Those are services. Nothing becomes physically locked out and there is a way to reset it.

 

[I7guy]

Not at all. Those are services. Nothing becomes physically locked out and there is a way to reset it.

It’s all the same variation on a theme that is password management. Maybe Apple themselves can help.