“iPhones protected by a six-digit pass code may no longer be safe thanks to a cheap tool being marketed to police that can unlock a smartphone in just days,” James Hetherington reports for Newsweek.
“Grayshift has developed an iPhone decryption device called GrayKey that can break through some devices in just two hours,” Hetherington reports. “Presumably, the device is able to skip Apple’s imposed wait times between pass code attempts.”
“Apple used to require only a four-digit pass code but bumped up the minimum to six in 2015, via iOS 9. Users are now also given the option to enter letters in a 10 letter/number pass code,” Hetherington reports. “If you have the patience and memory to install a 10-digit pass code (just numbers, no letters), the average unlock will take someone almost 13 years to hack in.”
Read more in the full article here.
MacDailyNews Take: Johns Hopkins Information Security Institute cryptographer Matthew Green explains via Twitter:
Guide to iOS estimated passcode cracking times (assumes random decimal passcode + an exploit that breaks SEP throttling):
4 digits: ~13min worst (~6.5avg)
6 digits: ~22.2hrs worst (~11.1avg)
8 digits: ~92.5days worst (~46avg)
10 digits: ~9259days worst (~4629avg)—
Obviously, those concerned with security and privacy should use an alphanumeric passcode that’s seven characters – even longer is better – and mixes numbers, letters, and symbols.
To change your password in iOS:
Settings > Face ID & Passcodes > Change Passcode > Passcode Options: Custom Alphanumeric Code — MacDailyNews, April 16, 2018SEE ALSO:
GrayKey box can guess a six-digit iPhone password in 11 hours on average – April 16, 2018
SEE ALSO:
Police around the U.S. can now unlock iPhones – April 12, 2018
Law enforcement uses ‘GrayKey’ box to unlock iPhones – March 16, 2018
The man who wrote those password rules has a new tip: N3v$r M1^d! – August 8, 201
[Thanks to MacDailyNews Reader “TS” for the heads up.]