Apple Intelligence now features Image Playground, Genmoji, Writing Tools enhancements, seamless support for ChatGPT, and visual intelligence.

Apple Intelligence has also begun language expansion with localized English support for Australia, Canada, Ireland, New Zealand, South Africa, and the U.K. Learn more >

You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

📰 Newsroom Update

Voice Memos update brings Layered Recordings to iPhone 16 Pro and iPhone 16 Pro Max. Learn more >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Security & Privacy

why the iphone just open typing the 4 digit pin ? I had 11Pro which was stolen & the hacker unlocked my phone just typing pin - a big security lapse ?? also he siphoned off money using my bank detail from phone as it was carrying my sim , to me its a big security lapse & needs to be addressed , i want to claim this to apple please guide me how i can address & to whom Apple support is useless fellows does not understand this important issue , just keeping the customer on hold & never call back though they say it -


please if some one can help .

do write to me


[Personal Information Edited by Moderator]


Posted on Nov 30, 2021 6:22 AM

Reply
Question marked as Top-ranking reply

Posted on Nov 30, 2021 6:25 AM

Apple has been recommending at least a 6-digit passcode for years. You have to make a special effort to use a 4-digit one. You can also select a more complex password. It's entirely your choice.


Use a passcode with your iPhone, iPad, or iPod touch - Apple Support


I would also point out that you've opened yourself up to all sorts of private and security issues by posting your email in a public forum. I've requested the Hosts remove it but the damage may be done.

Similar questions

12 replies
Sort By: 
Question marked as Top-ranking reply

Nov 30, 2021 6:25 AM in response to RakeshVIndia

Apple has been recommending at least a 6-digit passcode for years. You have to make a special effort to use a 4-digit one. You can also select a more complex password. It's entirely your choice.


Use a passcode with your iPhone, iPad, or iPod touch - Apple Support


I would also point out that you've opened yourself up to all sorts of private and security issues by posting your email in a public forum. I've requested the Hosts remove it but the damage may be done.

Reply

Nov 30, 2021 6:43 AM in response to RakeshVIndia

To use Face ID, you must set up a passcode on your device. You must enter your passcode for additional security validation when:
The device has just been turned on or restarted.
The device hasn’t been unlocked for more than 48 hours.
The passcode hasn’t been used to unlock the device in the last six and a half days and Face ID hasn't unlocked the device in the last 4 hours.
The device has received a remote lock command.
After five unsuccessful attempts to match a face.
After initiating power off/Emergency SOS by pressing and holding either volume button and the side button simultaneously for 2 seconds.

About Face ID advanced technology - Apple Support



Reply

Dec 1, 2021 6:31 AM in response to RakeshVIndia

You're setting up weird hypotheticals. Do you think the shopping mall security is going to come after you, confiscate your device, unlock it and look at your photos? Why would they do that? In the general scheme of things, unless you're restarting your phone in the shopping mall, your Face ID will work just fine.


You can also change your passcode to one that is complex. I've given you the instructions.


And, finally, telling us here in this user-to-user forum how you think Apple should make things work is pointless. Apple doesn't read here for suggestions or feedback. However, you can let them know your thoughts here:


Product Feedback - Apple

Reply

Nov 30, 2021 6:33 AM in response to RakeshVIndia

RakeshVIndia wrote:

I had 11 pro , i am not sure about other devices , it only takes 4 digit , also what is use of having face ID - many times face id does not work & you have to type 4 digit pin to unlock , i am not able to understand this

Again, the 4-digit passcode was your choice. The default is 6 digits. A more complex password is also an option. Please read the article I linked to above.

Reply

Nov 30, 2021 6:43 AM in response to RakeshVIndia

The screen lock passcode length has nothing to do with the physical device. It is a function of iOS and iPadOS. Any device running iOS 9 or any more recent version of the operating system defaults to a 6 digit screen lock passcode, with options in settings to instead use a 4 digit code or a complex alphanumeric password.


The very first iPad Pro models shipped with iOS 9 and every pro model since has shipped with whatever later release was the default at the time they were made. So your device would have defaulted during initial setup to a 6 digit code, not a 4 digit code. You or someone you let use it must have changed the original code to a 4 digit one.


FaceID or touchID will not work anytime the device is rebooted. When rebooted, you must first enter the screen lock code to initiate use of FaceID or touchID. Same thing if you don’t unlock the device for 48 hours - the code itself is then required first.

Reply

Nov 30, 2021 7:04 AM in response to IdrisSeabright

I understand all these , simply my question is -- the purpose of having Bio Id is to give 100% protection for unlock , to me this does not make sense it just open simply with pin, If we set up face id with pass code then - the device must recognize both face id & pass code is then fine , not able to understand.

Passcode is entered when face id does not work & it happened to my case even without the above conditions you mentioned , not sure why , even if my phone was not used for couple of hours some times face id did not work. Once FACE ID is set this should work without any interruptions why many conditions are put , like 48 hrs or others , what is the need for those conditions , once you configured a face ID - this should be set for ever unless we want to change by ourselves , this is not happening - one can steal your device , using a spy camera the typing patter pin code can be easily found - then you are gone

Reply

Nov 30, 2021 7:40 AM in response to RakeshVIndia

RakeshVIndia wrote:

I understand all these , simply my question is -- the purpose of having Bio Id is to give 100% protection for unlock , to me this does not make sense it just open simply with pin, If we set up face id with pass code then - the device must recognize both face id & pass code is then fine , not able to understand.
Passcode is entered when face id does not work & it happened to my case even without the above conditions you mentioned , not sure why , even if my phone was not used for couple of hours some times face id did not work. Once FACE ID is set this should work without any interruptions why many conditions are put , like 48 hrs or others , what is the need for those conditions , once you configured a face ID - this should be set for ever unless we want to change by ourselves , this is not happening - one can steal your device , using a spy camera the typing patter pin code can be easily found - then you are gone

If you read the article I linked to above on how Face ID works, you would see that it is NOT 100% secure. Also, you cannot use it if the phone has been powered off as the Face ID information is stored in what is called a "Secure enclave" that the only accessible once the phone has powered up.


The fact that you want Face ID to work in a way that it does not and never has doesn't mean Apple is some how at fault.

Reply

Nov 30, 2021 9:13 AM in response to RakeshVIndia

FaceID and TouchID digital encrypted data is stored in secure enclave. However, neither the touchID sensor nor the faceID camera have any access to that secure enclave data until you first authenticate with the password.


Your screen lock passcode is never stored or saved to the device or anywhere. When first set it is used to generate the keys necessary for encryption and decryption of your data on the device and those keys are saved securely. Since the algorithm that generated the keys is based on the exact code or password you set, you need that exact code or password to verify the keys and regain access to a device. That is the added security of requiring the passcode or password - it is the master code to unlock your device and allow the operating system to begin using touchID or faceID. Since the code should be known to you and nobody else, it is the master key securing your data and device.


When your device is shut down or restarted, the keys are once again must be verified by entering the passcode and only then may touchID or faceID be used. Similarly after 48 hours of non-use, iOS itself breaks access to the keys and they must be verified anew using the passcode.


The passcode cannot be recovered since it is never saved to begin with. That is why the one and the only way to regain access to a device without the passcode or one which is disabled because of too many login attempts is to erase it and set it up all over again to generate fresh security keys.


TouchID and faceID are convenience proxy's for the passcode so you do not have to physically type it in all the time. They also allow one to use a much more complex screen lock passcode ideally since they will only need it occasionally. My password on all my devices is 12 characters including standard things like case change, numbers and special characters (it is saved in a secure keychian note on my two Macs as well as in mSecure which sync's my passwords across all my devices).


You can also change the password settings in iOS and iPadOS to include the option to erase the device after too many failed guesses at the passcode or password (8 I think it is).


So Apple has very carefully thought about all this and engineered their chips they use in their devices to be amongst the most secure consumer electronics ever made. The screen lock passcode and the way it works is integral to how secure enclave works. It is not a substitute for touchID or faceID - they are substitutes for it to make using the devices easier, and ideally to allow you to even increase security by using a complex password.

Reply

Nov 30, 2021 10:40 PM in response to Michael Black

So, i tell you how this is very easy to track your passcode. You are going to a shopping mall or a shop or a place where CCTV cameras are installed & you are being tracked, Your face ID does not work & you have to type passcode , in my case it is only 4 numerical digit because i got that much space to type for whatsover the reason, I type my 4 digit pin & then the same might be recorded on camera quite possible , right ? why apple kept Face ID as dependent on your passcode , this is keeping your device vulnerable. It can be set first time with passcode thats fine but not every time. What I understand from your explanation is - FACE ID is set up not as security feature but as a convenient way to unlock the phone to avoid typing passcode again & again ? this is just rediculous. I will definitely ask explanation from Apply Inc why then a customer has to pay from such expensive feature which is set up just for a convenience to unlock the phone but it is not a security feature at all & my suggestion would be to Apple Inc that BIO ID is full proof & not the pass code.

I lost my phone , money & data because of this lapse in security in iphone. Some one has to explain me why there is need to disable BIO ID for certain cases - like 48 hrs or 4 hrs , i do not understand this logic once FACE ID is registered it should be forever - what is the logic that it gets disabled in number of circumstances & making the user to type the passcode again & again & making our security compromised because while typing it is easier to detect your pin as i explained above.

Reply

Dec 1, 2021 8:14 AM in response to RakeshVIndia

Sorry, but I am simply not so paranoid to believe that some mall cop sitting in a room swatching multiple monitors is so keenly focused that he spots me using my phone and zooms in just in time to see me enter my code (since nowadays I’d be wearing a mask so FaceID is disabled). And yes, he’d need to be able to zoom in to see it as mall cameras are wide angle cameras to allow for watching of large numbers of people simultaneously. He’d also have to be dang quick because even with my long password, it takes me a second or two to type it in. And then the mall cop is so willing to face being fired at the least, or facing criminal charges, that he accosts sometime later to grab my iPhone and steal my personal information.


That scenario, IMO, is absurd.

Reply

Security & Privacy

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.