According to a recent report, the U.S. government and some hackers have a password cracking tool called the GrayKey that can guess a 4-digit iPhone passcode in 13 minutes and a 6-digit passcode in 11 hours. The tool can crack all iPhone smartphones including the models powered by iOS 11.
Past reports suggested that law enforcement agencies would need several hours to guess a 4-digit passcode and a few days to get a 6-digit passcode right. But Motherboard has found that GrayKey and similar iPhone cracking tools can guess a passcode much faster.
Matthew Green, a cybersecurity expert who works at John Hopkins Information Security Institute, noted that hackers need to first shut down the iPhone’s passcode-cracking protections.
Once those protections are gone, GrayKey needs 6.5 minutes to crack a 4-digit passcode and 11 hours to crack a 6-digit passcode.
Apple has equipped its iPhones with a system that erases all data if the passcode was erroneously introduced 10 times. Also, if a user has more than five wrong passcode guesses, an automatic delay prevents the user from introducing more passcodes. However, password cracking tools like GrayKey seem to bypass these systems.
Experts Recommend Alphanumeric
Even if Green has exaggerated the unlocking times, an app like GrayKey should crack a 6-digit passcode in a matter of days. Eight-digit and 10-digit passcodes are harder to crack, with hackers needing one month and up to 13 years respectively to crack them.
Since 2015, the iPhone has been protected by 6-digit passcodes as a default mode. Experts like Green, though, suggest that 6-digit passcodes are no longer safe. Most security experts now recommend alphanumeric passcodes with at least seven characters that contain symbols as well.
People should use an alphanumeric passcode that isn’t susceptible to a dictionary attack and that is at least 7 characters long,
IT expert Ryan Duff told Motherboard.
Duff also recommends using uppercase letters along with lowercase letters in the passcode.
Image Source: Pixabay