iOS 9's new longer passcode will make brute-force attacks far tougher

As the US government continues to push for backdoors in commonly-used encryption, Apple gave its users an extra layer of security.
Written by Zack Whittaker, Contributor
(Image: ZDNet/CBS Interactive)

Buried in Apple's keynote at its annual developer conference on Monday, the company quietly said it would bolster the security of hundreds of millions of iPhones and iPads.

Following the announcement of iOS 9, Apple said it has nixed the default four-digit device passcode in favor of a stronger six-digit passcode.

It may not seem like much, but the addition of two extra digits will make devices running iOS 9, set to be released later this year, considerably more resilient against targeted attacks that aim to bypass the lock screen.

These attacks sequentially attempt to bypass the passcode by starting from four-zeros all the way through to four-nines. That can take from minutes to hours, but the new six-digit code will push that into the days range.

From Apple's website:

"The passcodes you use on your Touch ID-enabled iPhone and iPad will now have six digits instead of four. If you use Touch ID, it's a change you'll hardly notice. But with one million possible combinations -- instead of 10,000 -- your passcode will be a lot tougher to crack.

Hackers are known to have the tools allowing them to brute-force their way into iPhones and iPads, but those same tools are in the hands of federal agencies that are forced to using similar tactics.

Devices running iOS 8 are capable of device encryption enabled by the passcode. That effectively put the encryption keys in the hands of Apple's customers, rather than the company itself. The move was in part a response to accusations that the company was complicit in the PRISM surveillance program, a claim it strenuously denies.

Putting the device's data squarely in the hands of the user caused an outrage among the intelligence and law enforcement community. But without any legal action, Apple customers will remain some of the most protected users of today.

Hands-on with Apple iOS 9 (in pictures)

Editorial standards