Warning! Your Six-digit iPhone Passcode is no longer Secure
Apple is known for its security and over the years it has made its iPhone more secure. But certainly it’s device security is not as strong as boosted. Each time Apple speaks about iOS security, hackers find ways to penetrate and prove themselves superior. Thus, resulting in a never ending cycle of one up man ship wherein Apple tries to patch the security holes and researchers or hackers exploit them.
As of now, it seems Apple has a lot to do and fix in terms of security. Earlier this year, users got to know a locked iPhone can be accessed by running any iteration of iOS. After this, recently, a new app dubbed GrayKey made news headline.
But, what is Graykey and what has it to do with iPhone’s security?
With the launch of iOS 9, Apple changed its default iPhone’s lock system to a six-digit code to make it more secure. But tools like GrayKey lets hacker to know users password in less than a day and access your encrypted data.
Graykey is a simple tool owned by the GrayShift, it can be used to hack into most iPhones. It is a 4X4 gray box that is two inches tall, and consists of two Lightning cables sticking out of the front.
Apple made disk encryption default on iPhone in 2014 to protect user data from illegal access. But with GrayKey device it’s easy to know the password and bypass the security. Using this device hackers can download complete content of the filesystem on the GrayKey device, including the unencrypted content of the system keychain. This means your account credentials, names and phone numbers, emails, texts, banking account information and even credit card numbers or social security numbers all that is saved on your iPhone can be accessed.
Time taken by GrayKey to unlock your iPhone with a six-digit PIN code?
According to cryptographer Matthew Green of Johns Hopkins, GrayKey takes following amount of time to crack iOS passcodes depending on its length. A 6-digit passcode can be cracked in about 11 hours on average.
Guide to iOS estimated passcode cracking times (assumes random decimal passcode + an exploit that breaks SEP throttling):
4 digits: ~13min worst (~6.5avg)
6 digits: ~22.2hrs worst (~11.1avg)
8 digits: ~92.5days worst (~46avg)
10 digits: ~9259days worst (~4629avg)
— Matthew Green (@matthew_d_green) April 16, 2018
Users know longer passcodes are strong to add a layer of security, but still they don’t opt for them. To stay secure a balance between convenience and security needs to be maintained. If you don’t want to put your data at risk you’ll have to go ahead and use a long alphanumeric passcode.
Start setting longer passcode while you read the blog without further delay.
What is the proper way to make a strong password?
A password that is combination of numbers, uppercase and lowercase letters, and symbols is strongest.
How to change the password from 6 digit to alphanumeric?
By default you get the 6-digit passcode screen to protect your data. But if you want to change it to alphanumeric need to follow the steps provided below:
1) Go to Settings.
2) Next, tap on Touch ID & Passcode section. On latest iPhone it may be called as Face ID & Passcode.
3) Now, choose Change Passcode and type in your current passcode.
4) Here, on the screen where you are asked to enter new passcode, click on the blue option that reads Passcode Options.
5) Tap on it, you will now see three different options. Chose from them or select set a custom alphanumeric code. Now enter your new password, that is a combination of letters, numbers, and symbols.
6) Tap Next, and confirm your new password.
7) To save it tap Done.
Your device will take sometime to save the new code.
Also Read : All About Fake Update Campaigns
Conclusion: Surely, typing long password is time consuming and paistking but, it is incredibly strong. Therefore, there is no harm in changing the password to alphanumeric. Also individuals who have restored backup while upgrading to new iPhones might be using 4-digit passcodes. Therefore they need to be careful until Apple fixes all security vulnerability iPhone will stay susceptible to password attacks.