How Thieves Unlock Passcodes on Stolen iPhones (And How to Protect Yourself Against It)
Back in 2010, iOS developer Daniel Amitay developed a camera security app for iPhones that used an unlock screen almost identical to that of the iPhone.
The app was removed in mid-2011 (though it eventually reappeared in early 2013 and is still available in the iOS App Store today). Before its initial demise, Amitay anonymously recorded the passcodes that users typed in, and these were the results:
These ten iPhone passcodes make up 15% of the 200,000 passcodes that his application recorded. The most popular code was "1234", which almost 9,000 people used. The rest of the codes are either very simple ("0000"), create a pattern ("2580"), or in the case of "5683", make up a word (LOVE).
These results are staggering, because according to this study, these ten codes are used by 1 out of every 7 iPhone users. Merely attempting these 10 passcodes gives you a pretty high chance of getting into someone's iPhone, even in newer iOS 7 devices.
Aside from the 10 common passcodes above, your chances increase considerably if you know the owner of the iPhone well.
Many people use 4-digit PINs that they're familiar with: birthdays, anniversaries, addresses, the last 4 digits of their Social Security numbers, and even the last 4 digits of their own phone number. iPhone users unlock their cell phones dozens of times a day, making a simple and memorable passcode beneficial.
Add to that oily finger smudges on the screen and there's a pretty good chance you'll get past the lock screen security.
You have 6 tries to access the phone before you'll see the "disabled" warning, and then a few more before the phone is completely disabled, so that gives plenty of chances for a good brute-forcer to gain access.
Even if you see the disabled screen, you still can hack into it. Scroll down to the Completely Resetting the iPhone with iTunes section for more info.
As with any PIN (e.g. the one for your debit card), you need to make it hard for thieves to guess.
- Don't choose any of the ten passcodes listed above.
- Don't use any important dates or any other numbers that can be linked back to you.
- Steer away from passcodes that make shapes, like "1397" or "7139" (a square).
- Instead of an easy 4-digit number, choose an alphanumeric code. Go to Settings -> Passcode and enter in your current PIN. Then disable Simple Passcode and set an alphanumeric passcode.
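The checks in the list above can be automated when choosing or auditing a 4-digit PIN. The following is an added example, not code from Amitay or from this article: `audit_pin`, the word list and the sample inputs are constructed for illustration, the deny list holds only the four codes this article quotes, and the keypad rule generalizes the "square" case to any rectangle or straight line of keys.

```python
import re

# Phone keypad as on the lock screen: digit -> (row, column).
KEYPAD = {d: divmod(i, 3) for i, d in enumerate("123456789")}
KEYPAD["0"] = (3, 1)
# Codes the article quotes from Amitay's data (not his full top-ten list).
QUOTED_COMMON = {"1234", "0000", "2580", "5683"}
# Constructed sample word list; a real audit would load a dictionary.
WORDS = ["LOVE", "HOME", "BABY", "LUCK"]
T9 = {c: d for d, cs in {"2": "ABC", "3": "DEF", "4": "GHI", "5": "JKL",
      "6": "MNO", "7": "PQRS", "8": "TUV", "9": "WXYZ"}.items() for c in cs}
WORD_PINS = {"".join(T9[c] for c in w): w for w in WORDS}


def audit_pin(pin, linked_numbers=()):
    """Return the reasons a 4-digit PIN is easy to guess (empty = none found)."""
    if not re.fullmatch(r"\d{4}", pin):
        raise ValueError("expected exactly four digits")
    reasons = []
    if pin in QUOTED_COMMON:
        reasons.append("common")
    if len(set(pin)) == 1 or pin[:2] == pin[2:]:
        reasons.append("repeated")
    steps = {int(b) - int(a) for a, b in zip(pin, pin[1:])}
    if steps in ({1}, {-1}):
        reasons.append("sequence")
    keys = [KEYPAD[d] for d in pin]
    moves = {(r2 - r1, c2 - c1) for (r1, c1), (r2, c2) in zip(keys, keys[1:])}
    if len(moves) == 1 and moves != {(0, 0)}:
        reasons.append("keypad-line")  # e.g. straight down the middle column
    rows, cols = {r for r, _ in keys}, {c for _, c in keys}
    if len(set(keys)) == 4 and len(rows) == 2 and len(cols) == 2:
        reasons.append("keypad-rectangle")  # four keys forming a square/rectangle
    a, b = int(pin[:2]), int(pin[2:])
    if (1 <= a <= 12 and 1 <= b <= 31) or (1 <= a <= 31 and 1 <= b <= 12) \
            or 1900 <= int(pin) <= 2099:
        reasons.append("date-like")  # heuristic: MMDD, DDMM or a year
    if pin in WORD_PINS:
        reasons.append("word:" + WORD_PINS[pin])
    for number in linked_numbers:  # phone number, address, etc. as strings
        if pin in re.sub(r"\D", "", number):
            reasons.append("linked-number")
            break
    return reasons
```

An empty result only means none of these heuristics fired; a 4-digit PIN still has just 10,000 possibilities, which is why the alphanumeric option is the stronger choice.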
If Siri is enabled on the lock screen, you can just press down on the Home button and ask Siri to make a phone call, send a text, and look through notes. Simple stuff. You can't use Siri for things like looking through email, contacts, or the internet.
You can protect yourself from this by deactivating Siri while the phone is locked. Do this by going to Settings -> Passcode and disabling Siri from the lock screen.
Resetting your iPhone can bypass the passcode, but will delete everything on the phone. This can come in handy if you forget your passcode and have everything backed up on your iTunes. So, if you get a message like this when connecting the device to iTunes...
You'll need to restore your iPhone back to factory settings:
- Turn off your iPhone.
- Press and hold the Home button, and while holding the Home button in, hurry up and connect your iPhone to your computer using the USB cord.
- Continue holding the Home button until the "Connect to iTunes" screen pops up.
- iTunes will give you the recovery mode alert.
- Click "OK" and restore the device.
This will take off the passcode, but will delete everything on the phone. Make sure you have backed up your iPhone at least once beforehand; otherwise you will be left with a factory-fresh phone and nothing to restore.
It's tough to protect yourself from a hard reset, especially if your phone is stolen. What you can do is make sure that Find My iPhone is turned on. That way you can not only track where the iPhone is, but also remotely delete all the information before someone has a chance to bypass the passcode, granted they don't just turn the device off and sell it for parts.
An anonymous hacker by the name of AquaXetine found an exploit in Apple's iCloud system that lets anyone unlock a lost or stolen iPhone running iOS 7 or above, and Apple has yet to fix it.
This hack, available at the doulCi website (iCloud (almost) spelled backwards), appears to change your DNS for the connection to iCloud so that their server can intercept the Activation Lock request and then respond with the proper message to unlock the device.
So far, the hackers claim that over 15,000 devices have been unlocked using this technique.
Unfortunately, there's not much you can do here. We just have to wait for Apple to fix this insane oversight, and hope that the kill-switch legislation gets approved nationwide; if the device is essentially destroyed, then no one will want to steal it.
You can unlock an older iPhone using redsn0w, which also jailbreaks the device without deleting anything. This article has a video that shows how to install redsn0w on any iPhone still using iOS 5, while this one will show you how to do it on iOS 6 devices. It bypasses the code and doesn't delete any of the information stored on the iPhone. This could potentially also work with the evasi0n jailbreak for iOS 7 devices, as well.
You can also use a program called Gecko iPhone Kit (for iOS 5), which can be downloaded here, but most devices are using at least iOS 6 by now. This will actually give you the code and doesn't jailbreak or delete anything from the iPhone. Below is a video tutorial of this process.
Again, not much you can do here. If it works for them, awesome, because it was about time you updated to a new iPhone anyway.
Have you found another way to gain access to the lock screen on your iPhone? Let us know.