The other day, my wife asked me what time the Broncos game started. Her iPhone was sitting in front of me, so I picked it up, unlocked it and looked up the Broncos game. “Whoa,” she said, “how’d you know my passcode?” I tried to boost my coolness by playing it off as a hacking exploit, but the truth is that I know her well enough to know her password tendencies. However, it got me thinking about how one might guess an iPhone passcode.
One method is to take an iPhone with the screen off and tilt it so that you can see the smudges on the glass. Once you identify the digits, it wouldn’t take more than a few minutes to run through the combinations (there are 24 combinations of four digits).
So then I started thinking about how to make things a little more difficult for the casual snooper – thieves wouldn’t be interested in your data and would simply wipe everything out. Many solutions are impractical or undesirable. Screen protectors still reveal smudges and nobody wants to obscure the stunning display of an iPhone. Repeatedly cleaning your fingers or the screen is inconvenient. You can use digits in the bottom row (7, 8, 9, 0) because the smudges on those digits are partially obscured by the smudge of using the slider, but the passcode is entered after using the slider. The two that make sense:
- It’s a little counter-intuitive, but use a four-digit number that repeats one of the digits. The snooper only sees three smudges on your screen and has the added challenge of figuring out which digit is repeated. Skipping the math lesson, there are now 36 combinations instead of 24.
- Turn off the “simple passcode” feature. Now your passcode can be as complex as any password because you can use all four character groups (numbers, lowercase, uppercase, symbols). Smudges are no longer enough to narrow down the possibilities. Moreover, you can retain the convenience of a simple passcode. For example, “asdf” is just as convenient as “1234,” but much harder to guess when looking at smudges on a screen.