iPhone Passcode is too weak

This has nothing to do with the recent news of the security issue where the passcode can be bypassed with the emergency call feature. Apple's already got the fix for that coming in the next update so I'm satisfied with that but...

Does anyone else think the four digit passcode for the iPhone is way too easy to guess? I know guessing a four digit code is not "easy" per se, but for a determined criminal it's by no means difficult. Just a lot of repetition.

I tried typing in a few wrong codes on my iPhone to see what it did. I entered in about four in a row. Each time the iPhone vibrates and the navigation bar turns red and says "Wrong Passcode - try again". I know, scary right?
Anyways, it took me between 3 and 4 seconds to enter in a wrong code, get the message, and be allowed to try again.
Assuming you could average 4 seconds per attempt it would take you 40,000 seconds to try all 10k possible passcodes from 0000 to 9999.
That's only about 11 hours!
I know, "Who's gonna sit and try passwords for 11 hours?" right?
Well if I was a crook determined to steal the thing, I'd just put in an hour per day and I'd be guaranteed to have it cracked in a week and a half.

It would be cool if it let you set your 4 digit code for convenience and a longer more secure password in case you forgot your 4 digit. Then if someone tried to type in the wrong 4 digit code three times or so, it would prompt for the 'real' password, and until you could supply that it wouldn't budge.

I plan to send this same concern as feedback to Apple but I was just curious what other people thought about this. I read around on the web people saying things like, "just don't leave your iPhone laying around and no problem" but you really never know what might happen. And I've got info in my iPhone I don't want falling into the wrong hands.

MacBook, Mac OS X (10.5)

Posted on Sep 8, 2008 11:55 AM


Sep 8, 2008 12:27 PM in response to Allan Sampson

Allan Sampson wrote:
You aren't allowed anywhere near that many missed attempts.

I believe the cut off is 10 or less (maybe 6) missed attempts and there is a significant delay before being able to try again.

Try more than 4 missed attempts - up to 10 to see what happens. Be prepared not to have iPhone access for a period of time.



Thanks for that. I'm glad to hear that.
I did some more searching on the forums after I posted this and found similar info buried in another post.


In regards to brute forcing the passcode.

After a few missed attempts, it enforces a time out before you can try again. If you continue to make missed attempts the time out will get into the hours, and then lock you out completely. To unlock you have to connect to the computer you regularly sync with.

With a security profile with the iPhone Configuration Utility you can set a requirement for longer than 4 digit passcodes, and even full alphanumeric passwords.

Hope this helps,

Nathan C.


I'm glad to know I was mistaken 🙂
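
The arithmetic from the original post set beside the throttling described in the replies, as an added example that is not part of the thread. The delay schedule and the 10-miss lockout are constructed assumptions, not Apple's documented values, and the function names are hypothetical.

```python
from fractions import Fraction

SECONDS_PER_ATTEMPT = 4  # per-guess time measured in the original post

# Constructed for illustration (NOT Apple's documented values): extra delay,
# in seconds, imposed after the Nth consecutive wrong passcode.
ASSUMED_DELAYS = {5: 60, 6: 300, 7: 900, 8: 3600, 9: 3600}
ASSUMED_LOCKOUT_AFTER = 10  # assumed miss count at which the device locks out


def keyspace(alphabet_size, length):
    """Number of distinct passcodes of exactly `length` symbols."""
    return alphabet_size ** length


def unthrottled_seconds(alphabet_size, length, per_attempt=SECONDS_PER_ATTEMPT):
    """Worst-case time to enter every passcode when nothing slows guessing."""
    return keyspace(alphabet_size, length) * per_attempt


def throttled_outcome(alphabet_size, length, delays=ASSUMED_DELAYS,
                      lockout_after=ASSUMED_LOCKOUT_AFTER,
                      per_attempt=SECONDS_PER_ATTEMPT):
    """Return (guesses allowed, seconds elapsed, chance of a hit) before lockout."""
    space = keyspace(alphabet_size, length)
    allowed = min(lockout_after, space)
    elapsed = sum(per_attempt + delays.get(n, 0) for n in range(1, allowed + 1))
    return allowed, elapsed, Fraction(allowed, space)


if __name__ == "__main__":
    policies = [("4-digit PIN", 10, 4), ("6-digit PIN", 10, 6),
                ("8-char alphanumeric", 62, 8)]
    for name, alphabet, length in policies:
        hours = unthrottled_seconds(alphabet, length) / 3600
        allowed, elapsed, chance = throttled_outcome(alphabet, length)
        print(f"{name}: {hours:,.1f} h to exhaust unthrottled; with lockout, "
              f"{allowed} guesses in {elapsed} s, hit chance {float(chance):.2e}")
```

Under these assumptions the attempt cap, not the per-guess time, sets the risk: a 4-digit code gives a 1 in 1,000 chance before lockout, and a longer or alphanumeric passcode shrinks that further.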
