“Law enforcement agencies have a new iPhone cracking tool that works with all modern iPhones and the newest versions of iOS 11, the GrayKey, designed by a company called Grayshift,” Juli Clover reports for MacRumors.
“Previous reports have suggested the GrayKey can crack 4-digit passcodes in a matter of hours and 6-digit passcodes in days,” Clover reports, “but as highlighted by VICE’s Motherboard, cracking times for the GrayKey and other similar iPhone unlocking methods can potentially be even faster and 6-digit passcodes no longer offer adequate protection.”
Clover reports, “Matthew Green, assistant professor and cryptographer at John Hopkins Information Security Institute, said this morning on Twitter that with an exploit that disables Apple’s passcode-guessing protections, a 4-digit passcode is crackable in 6.5 minutes on average, while a 6-digit passcode can be calculated in 11 hours.”
Guide to iOS estimated passcode cracking times (assumes random decimal passcode + an exploit that breaks SEP throttling):
4 digits: ~13min worst (~6.5avg)
6 digits: ~22.2hrs worst (~11.1avg)
8 digits: ~92.5days worst (~46avg)
10 digits: ~9259days worst (~4629avg)
— Matthew Green (@matthew_d_green) April 16, 2018
Read more in the full article here.
MacDailyNews Take: Obviously, those concerned with security and privacy should use an alphanumeric passcode that’s seven characters – even longer is better – and mixes numbers, letters, and symbols.
To change your password in iOS:
Settings > Face ID & Passcodes > Change Passcode > Passcode Options: Custom Alphanumeric Code
Police around the U.S. can now unlock iPhones – April 12, 2018
Law enforcement uses ‘GrayKey’ box to unlock iPhones – March 16, 2018
The man who wrote those password rules has a new tip: N3v$r M1^d! – August 8, 2017