Warning! Your 6-Digit Passcode Isn’t SECURE on iPhone

Since GrayShift’s brute-force unlocking tool came to light, we have researched on various data to let us know how GrayKey works. A “box” now held by government organizations around the globe for a small fee of nearly 25,000 dollars you can discover the six-digit PIN or password of your iPhone in less than a day. However, there is a way to complicate your task.

With iOS 9, the tech giant Apple modified its iPhone lock system using the PIN. This update included the option to go from a four-digit to six-digit code. However, despite this measure, tools such as GrayKey allow to find the password in less than a day. That is the information we have thanks to the methodology used by this tool owned by the GrayShift Company and the studies of a cryptography professor.

11 hours to unlock any iPhone by force

Do you know how long it will take GrayKey to unlock your iPhone with a six-digit PIN code? According to the prediction of Professor Matthew Green, specialized in Cryptography at Johns Hopkins University in Baltimore, Maryland, 22.2 hours would be enough, although the average effectiveness is 11.1 hours.

The process for a PIN code of only four numbers is reduced to 13 minutes maximum and an average of 6 and a half minutes. This data offers us a perspective of how extremely fragile this simple combination can be. And despite the fact that iOS has a security system that allows deleting the iDevice once the password has been entered incorrectly 10 times, GrayKey has found a way to bypass this protection system.

Guide to iOS estimated passcode cracking times (assumes random decimal passcode + an exploit that breaks SEP throttling):

4 digits: ~13 min worst (~6.5 avg)
6 digits: ~22.2 hrs worst (~11.1 avg)
8 digits: ~92.5 days worst (~46 avg)
10 digits: ~9259 days worst (~4629 avg)

Numbers, uppercase and lowercase letters, and symbols

What is the proper key? According to the information provided by the aforementioned professor, the idea is to opt for an alphanumeric key of at least seven digits, preferably with lowercase, uppercase and symbols. In such a case, an eight-digit key could resist GrayKey for a maximum of 92.5 days, with an average of success at 46 days.

However, with a 10-digit password, blocking an iPhone would be protected, at least under the current circumstances, for a maximum of 9259 days, or an average of 4629 days. This amounts to approximately 13 years of continuous calculation.

How to change the password of 6 digits by an alphanumeric?

A comparison of the security provided by an alphanumeric key against a six-digit PIN has come to the fore the way to change the type of password on an iPhone or iPad. To do this you must go to Settings, Touch ID and code (Face ID and code in the case of iPhone X) and click on change code.

In the next screen, we have to choose the alphanumeric key. Remember that during these steps you must enter your previous six-digit password.

0 0 vote
Article Rating
Notify of
1 Comment
Newest Most Voted
Inline Feedbacks
View all comments
Emeka Ahanonu
Emeka Ahanonu
1 year ago

IPhone users take note