How to Create a Strong (Or Stronger) Passcode for Your iPhone
When you first set up an iPhone, you'll be prompted to create a 6-digit passcode to unlock your screen and access certain system settings. If you skip this step, you can always go back and create one, which we highly recommend. Without a passcode, everything on your iPhone is accessible by anyone who gets their hands on it — nosey friends, hackers, thieves, local law enforcement, the FBI — and you don't want that, do you?
After you add a passcode, you'll need it every time you unlock your iPhone, as well as after turning on or restarting your iPhone, updating your software, erasing your device, viewing or changing passcode settings, and installing iOS configuration profiles. This is all pretty important, so I hope you can see why you'd want a passcode on your iPhone.
To get started, head to the Settings app on your iPhone and choose "Touch ID & Passcode" or just "Passcode" for older devices from the list of options. From here, tap on "Turn Passcode On." If you've already set a passcode and just want to make it stronger (like, if you only have a 4-digit passcode), you can choose "Change Passcode" instead.
On the following screen, you'll be asked to input your current passcode if you're changing it, before you can continue. If you're setting one up for the first time, you'll jump right in, and you'll be asked to create a 6-digit numeric passcode, as long as you're running iOS 9 or higher.
Six digits is an absolute minimum for security purposes, and it will be tough for anyone to break into. With six numbers, there are one million different combinations, which is much stronger than the meager 10,000 that a 4-digit numeric passcode provides.
However, to make a really strong passcode, we suggest choosing "Passcode Options" on this screen and choosing either "Custom Numeric Code" or "Custom Alphanumeric Code."
If you choose "Custom Numeric Code" and create a 10-digit number code, that's 100 million different possible combinations. Make it 11 and you'll have a billion different possibilities. Choose the alphanumeric options and just imagine how much stronger your passcode can be, since you'll not only have numbers but uppercase and lowercase letters and special characters.
If choosing an alphanumeric one, make sure to check out Null Byte's guide to making passwords stronger for ultimate security on your iPhone.
It should go without saying, no matter which option you end up going with above, that you don't use common passcodes such as 123456, password, or even passw0rd. You also should avoid using patterns, birth dates, repeating digits, years, your social security number, phone numbers, addresses, favorite pets, or anything similar. Random is the best way to go.
If you end up going with some crazy long passcode, you might want to record it in a password manager such as LastPass, so that you never forget should you need it.
Once you've chosen your new passcode above and entered it onto the "Set Passcode" screen, you'll be asked to confirm your new passcode, so go ahead and do so. Afterward, you're all set.
However, you might get a prompt asking you to use your new passcode to change your Apple ID password from your iPhone. We suggest skipping this prompt as it makes it easier for thieves and the like who gain entry into your iPhone to also possibly gain access and take over your Apple/iCloud account. So hit "Cancel."
Canceling this prompt means that you'll either have to use security questions or two-factor authentication to confirm your identity and change your Apple ID password, should you need to.
If, for some reason, you decided to make or change your passcode while you were either not connected to a cellular data network or a Wi-Fi hotspot, then after successfully adding or changing your passcode, Apple may give you a "Confirm iPhone Passcode" notification that says: "To continue using iCloud, confirm your new iPhone passcode."
You can ex out of this notification if you want, but you'll still see it at the top of the page in your Settings app.
To get rid of this "suggestion," make sure you're connected to the internet, then tap on the notification or go to your Settings app and tap on the alert below your name. On the next screen, tap on "Continue," then enter your Apple ID password.
If you have two-factor authentication turned on for your Apple account, you'll be prompted to enter your iPhone passcode also. Doing this means your iPhone passcode "will be used to confirm your identity when signing into iCloud on a new device."
However, it should be noted that if you confirm your iPhone passcode this way, that you will be able to change your Apple ID password using your iPhone's passcode. Remember in the previous step when we skipped that part of the setup when adding/changing a passcode? Well, despite what it says in the screenshot above, this will also do what we didn't want before.
So, it's imperative that you're connected to your iCloud account while completing Step 2 so you don't have to go through this. If not, you can fix it by going back into your passcode settings, selecting "Turn Passcode Off," then turning it back on and following Step 1 and 2 again above, making sure that you're online and signed into iCloud.
A strong passcode is great to protect your iPhone from unwanted intrusion, but you shouldn't stop there. From the same Passcode settings screen seen above in Step 1, you can decide whether to lock your iPhone immediately after the screen turns off or after a set amount of time by tapping on "Require Passcode."
We suggest "Immediately" for the best security, which is the default. This means that whenever your screen turns off, that you'll need to enter your passcode to unlock it. If you use Touch ID or Apple Pay, you cannot change this setting, as it will always be needed immediately.
Speaking of Touch ID, you should be using it if you have a supported device, as it's much safer (though not infallible) than entering your passcode each time with someone lurking over your shoulder.
To set up Touch ID, from the "Touch ID & Passcode" settings, select "Add a Fingerprint," and follow the instructions. After you're done, you'll be able to use your fingerprint instead of a passcode to unlock your iPhone, use Apple Pay, or buy things from iTunes and the App Store.
You should also be using two-factor authentication, which you can get to by tapping on your name up top in Settings, then "Password & Security." On the next screen, tap on "Turn On Two-Factor Authentication" and follow the prompts. After you're done, if you get stuck on "Verifying," you can force-close Settings then tap on the alert when you open it back up (similar to the one in Step 3 above), enter in your Apple ID password, then your iPhone passcode.
While this last section is completely optional when it comes to security on your iPhone, especially since this article is about creating a stronger passcode, I urge you to consider some of these options. And these aren't your only options ... you can lock down your lock screen even more by disabling the Control Center, Notifications View, Siri, and more.