Why you can trust ZDNET : ZDNET independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission. Our process

'ZDNET Recommends': What exactly does it mean?

ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.

When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.

ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.


Stop using your 4-digit iPhone passcode in public. Do this instead

A recent report suggests that your iPhone's passcode is all thieves need to steal your personal information. Here's how to make it more difficult for them to get.
Written by Christina Darby, Associate Editor
Reviewed by Kerry Wan
Someone inputting their 6-digit iPhone passcode PIN.
NurPhoto/Getty Images

After months of investigating successful iPhone robberies, Apple ID erasures, and drained bank accounts, senior tech columnist for The Wall Street Journal, Joanna Stern, concluded that thieves only need that four-digit pin code you use to unlock your phone to erase your personal data.

Also: Apple working on a new iPhone SE model with bigger screen, says analyst

The problem

Here's how they do it. The thief is oftentimes someone who befriends iPhone users at a bar. Then, they sneakily observe the users as they input their routine four-digit PIN. When the victim is the least aware, the thief tactfully swipes the phone away and inputs the passcode to unlock the device. The rest is history.

I have long thought that a successful iPhone robbery stops here because I can use a secondary device to dial into my FindMy network and track my phone.

Unfortunately, Stern's findings confirm this isn't the case. After unlocking the device, a thief can use the pin to reset your Apple ID. Then the thief can block the phone's FindMy access, along with any other devices associated with the account, and access anything backed up to your iCloud.

Also: 7 ways AirTags can simplify your life

Very quickly, your hands become virtually tied as you can't remotely wipe your device. But, the thief can now turn on a recovery key, change the trusted phone number and email address, and remove any recovery contacts. The thief can also access financial accounts and apps like Venmo or Apple Pay -- all from that simple little passcode. 

Stern's discovery left me feeling unsettled. A lot more is riding on my phone's four-digit code than I previously realized.

The solution

Besides primarily relying on my iPhone's FaceID and TouchID features to unlock my phone in public, I also decided to make my iPhone passcode more complicated so that it would be more difficult for a potential thief to spy it and/or remember it. 

Also: How to find and remove spyware from your phone

How to change and complicate your iPhone passcode

1. Open Settings and select the "Face ID & Password" option

First, navigate to your settings and select the "Face ID & Password" option from the menu. From there, select "Change passcode." You'll be prompted to enter your old passcode before you create a new one. 

Screenshot of iPhone's Face ID and Passcode option
Christina Darby/ZDNET

2. Create a new, stronger passcode

While a six-digit passcode is harder to memorize than a four-digit one, I'd recommend taking things a step further by using an alphanumeric passcode. 

Select "Passcode options" and choose "Custom Alphanumeric Code." Create a code you can remember that includes letters, numbers, and special characters. 

Also: Change this one iPhone setting to foil thieves from stealing your phone and selling it

A strong alphanumeric code is one that includes lowercase letters, capital letters, digits, and special characters (@, #, &, ! etc.). For extra security, I'd recommend randomizing the capital letters, digits, and characters throughout the passcode. There's no technical limit on the length of iPhone's alphanumeric code, but six to ten characters is a good sweet spot. 

Screenshot showing someone changing an iPhone password to an alphanumeric code
Christina Darby/ZDNET

Bottom line

If you're in public, your iPhone's biometric security measure (FaceID or TouchID) should be your default method of unlocking. If you do find yourself needing to unlock via a numeric or alphanumeric code, make sure you do so privately, shielding the process from prying eyes, the same way you shield your ATM code. And if you're too tipsy to remember a more complicated passcode, perhaps it's time to go home.

Editorial standards