How To:

How Thieves Unlock Passcodes on Stolen iPhones (And How to Protect Yourself Against It)

Back in 2010, iOS developer Daniel Amitay developed a camera security app for iPhones that used an unlock screen almost identical to that of the iPhone.

The app was removed in mid-2011 (though, it eventually reappeared in early-2013, still available in the iOS App Store today), and before its initial demise, Amitay recorded the passwords anonymously that users typed in, and these were the results:

Image via Naked Security

These ten iPhone passcodes make up 15% of the 200,000 passcodes that his application recorded. The most popular code was "1234", which almost 9,000 people used. The rest of the codes are either very simple ("0000"), create a pattern ("2580"), or in the case of "5683", make up a word (LOVE).

These results are staggering, because according to this study, these ten codes are used by 1 out of every 7 iPhone users. Merely attempting these 10 passcodes gives you a pretty high chance of getting into someone's iPhone, even in newer iOS 7 devices.

#1. Using Brute Force to Bypass the iPhone Lock Screen

Aside from the 10 common passcodes above, your chances can exponentially increase if you know the owner of the iPhone well.

Many people use 4-digit pins that they're familiar with: birthdays, anniversaries, addresses, the last 4 of their social security numbers, and even the last 4 digits of their own phone number. iPhone users unlock their cell phones dozens of times a day, making a simple and memorable passcode beneficial.

Add to that oily finger smudges on the screen and there's a pretty good chance you'll get passed the lock screen security.

You have 6 tries to access the phone before you'll see the "disabled" warning, and then a few more before the phone is completely disable, so that gives plenty of chances for a good brute-forcer to gain access.

Even if you see the disabled screen, you still can hack into it. Scroll down to the Completely Resetting the iPhone with iTunes section for more info.

Protecting Yourself from Brute-Forcers

Much like any PIN (e.g. debit cards), you need to make it hard to guess by thieves.

  • Don't choose any of the ten passcodes listed above.
  • Don't use any important dates or any other numbers that can be linked back to you.
  • Steer away from passcodes that make shapes, like "1397" or "7139" (a square).
  • Instead of an easy 4-digit number, choose an alphanumeric code. Go to Settings -> Passcode and enter in your current PIN. Then disable Simple Passcode and set an alphanumeric passcode.

For help coming up with better passwords and codes, check out one of the many guides over on Tech Pr0n, Power Byte (the precursor to Null Byte), or InterNoobs.

#2. Using Siri to Bypass the iPhone Lock Screen

You can use Siri to bypass any code on the iPhone 4S, 5, 5C, or 5S (if Touch ID is disable), but only to a certain extent, and only if the user has allowed Siri access when the phone is locked.

If so, you can just press down on the Home button and ask Siri to make a phone call, send a text, and look through notes. Simple stuff. You can't use Siri for things like looking through email, contacts, or the internet.

Protecting Yourself from Siri's Flaws

You can protect yourself from this by deactivating Siri while the phone is locked. Do this by going to Settings -> Passcode and disabling Siri from the lock screen.

#3. Completely Resetting the iPhone with iTunes

Resetting your iPhone can bypass the passcode, but will delete everything on the phone. This can come in handy if you forget your passcode and have everything backed up on your iTunes. So, if you get a message like this when connecting the device to iTunes...

You'll need to restore your iPhone back to factory settings:

  1. Turn off your iPhone.
  2. Press and hold the Home button, and while holding the Home button in, hurry up and connect your iPhone to your computer using the USB cord.
  3. Continuing holding the Home button until the "Connect to iTunes" screen pops up.
  4. iTunes will give you the recovery mode alert.
  5. Click "OK" and restore the device.

This will take off the passcode, but will delete everything on the phone. Make sure to back up your iPhone at least once beforehand, or it will wipe to factory settings.

Protecting Yourself from Clever iTunes Restorers

It's tough to protect yourself from a hard reset, especially if your phone is stolen. What you can do is to make sure that Find My iPhone is turned on. That way you cannot only track where the iPhone is, but also remotely delete all the information before someone has a chance to bypass the passcode, granted they don't just turn the device off and sell it for parts.

#4. Tricking iCloud with a Fake Server

An anonymous hacker by the name of AquaXetine found an exploit in Apple's iCloud system that lets anyone unlock a lost or stolen iPhone running iOS 7 or above, and Apple has yet to fix it.

This hack, available at the doulCi website (iCloud (almost) spelled backwards), appears to change your DNS for the connection to iCloud so their server can intercept the Activation Lock request, and then responds with the proper message to unlock the device.

Six iPhones that were hacked using the doulCi technique. Image by esonglance/Twitter

So far, the hackers claim that over 15,000 devices have been unlocked using this technique.

Protecting Yourself from doulCi

Unfortunately, there's not much you can do here. We just have to wait for Apple to fix this insane oversight, and hope that the kill-switch legislation gets approved nationwide; if the device is essentially destroyed, then no one will want to steal it.

#5. Using Passcode-Hacking Apps

You can unlock an older iPhone using redsn0w, which also jailbreaks the device without deleting anything. This article has a video that shows how to install redsn0w on any iPhone still using iOS 5, while this one will show you how to do it on iOS 6 devices. It bypasses the code and doesn't delete any of the information stored on the iPhone. This could potentially also work with the evasi0n jailbreak for iOS 7 devices, as well.

You can also use a program called Gecko iPhone Kit (for iOS 5), which can be downloaded here, but most devices are using at least iOS 6 by now. This will actually give you the code and doesn't jailbreak or delete anything from the iPhone. Below is a video tutorial of this process.

Protecting Yourself from Password-Hacking Apps

Again, not much you can do here. If it works for them, awesome, because it was about time you updated to a new iPhone anyway.

Have you found another way to gain access to the lock screen on your iPhone? Let us know.

Cover image via Incase/Flickr

30 Comments

Another more obvious way to protect yourself from someone knowing your passcode...don't unlock your phone when anybody's nearby. I don't know how many times I've unlocked my phone with someone else staring right at my phone. I should be more careful!!!

Ok now dont put a pass code on and you can make one by putting the device in lost mode with find my iPhone I do it to get my brothers off of it when I want it back you can also leave an unpleasant message to the theif

This is good for help me know how to proteck my password and seli.

Got airplane mode and Hard reset??? Best way is to not lose it in the first place.

Can't a thief just hard-reboot the handset? I know that they can with android sets by simply holding down the volume button to access the boot menu.

There is no accessible boot menu for iPhones. Holding down the Power and Home button will hard reset the device and that's it. However, you could enter DFU mode with iTunes connected to restore the device, but with its Activation Lock enabled, it's not going to work.

sorry but you can't jailbreak a locked iphone with evasi0n because during jailbreaking it injects an app and u have to click on it to continue

and if you restore it and dont know if find my iphone is active you will get icloud lock that is impossable to get past on iphone 4s and up a5 chip is more harder

My daugher's iphone 5c was completely hacked. They changed the password, the security question answers, then declared it lost and erased the phone. Now she can't get into it all and restore from iTunes changes NOTHING! Apple care can't help because we don't have the proof of purchase. She got the phone from a "boyfriend" who "can't find" the receipt. I keep telling her he is responsible for this but she refuses to listen. Can someone please help?

Help with what, exactly? Reprimanding your daughter for dating a "boyfriend" who "can't find" the receipt? Or is the question how to access her phone after the password and security question answers were changed, and it has been declared lost??? Really??? You do realize when a phone is reported lost, it's also considered stolen. That's typically followed up by placing the phone on the blacklist. You can check the esn/imei/meid on a site like checkesnfree . com and it will give you the phone status, but if its blacklisted-

Game over, end of story. Sell for parts and get another phone for her.

My younger sibling purchased a lost phone and its an iphone 5s.
Can it be unlocked?

I called the owner but he doesn't speak english.
I am confused.
Because my sibling spent $ on it can I unlock it or should I sell it for parts?

nope dont sell for parts if you yes it can be bypassed by pressing the home 2 times and then call 112 or 122 i forget and then end the call but dont click end call click the power button and the home at the same time and it should bring you to the home screen then go to face time and send and look at the email

I bought a iphone4 come to find out it was stolen the lady does not want the phone back but does not want to give us the stuff to unlock it can anyone help?

Actually I have found a lost ipone4s which is locked by find my iPhone.

The home screen is only locked. If we type any password and the password is incorrect it shoes wait for 5 minutes then the time goes on increasing.

What should I do to open it by hacking

Can uu plz tell me how..? ? ? ? To open

i brought an iphone4s of the internet an the lady that gave it to me had forgotten her apple ID an password as she hadnt used the phone in 6 month is there anyway to work around it or anyway to jail brake it or do i just give it back to her or sell it for parts an if i sell it for part how much is it worth ?

It still doesn't clear the password

My wife forgot her pass code on her iPhone. And her other stuff, how do we get it unlocked again? Is there a way we can?

If anyone can help please find me or my wife on Facebook.

I had my phone stolen, a few weeks later I got a text indicating my phone was found. I was thinking it was the find my iphone notification that linked to the apple site. However the mock site is a phishing site that will get your username and icloud password if you log in. If you do they they will reset your phone and hence you will lose it from your iCloud.

I have iphone 4s with icloud lock and country lock can anyone helpe me to unlock this

LOL... Some people are just comedy! Asking for help to break into devices they found .. buying devices without finding out first if the person even remembers their passwords to get in... people who can't even remember their own passwords.. lol Let me rephrase that!

People who are super stupid are comedy!

then you got people claiming it's impossible to hack the A5 chip.. and Iv'e certainly had no problems doing it.. lol

The real problem is the move by corporations to own everything you buy and the content you put and use with it, by disguising it as new security measures for your own safety! Cause they really care so much about you! lol.. and as long stupid ass people don't catch on or mind and keep buying their crap like sheep, the worse it's gona get! Everything you buy will really be rented, and if you don't keep paying for their services and upgrades yo'ull just add to your growing collection of expensive bricked paper weights!

Then you'll come right back here and ask how to bypass it... Which is why your on here in the first place... and their just getting started.

lol Comedy!!

By the way.. for those of you locked out your devices! 3utools and/or purple sniff. Your welcome!!

does it work on lost mode of icloud

I found an IPhone 6 in the parking lot of a casino. I went to the casino facebook page to find who the phone belongs to but no response back. It is password lock and can't get in with Siri. What can I do to unlock this? My son says to sell it for parts but the phone is in great condition and I can use a new phone.

*i purchased iphone 6s plus from a scammer and after 1 day its in lost mode' what should i do now.
is there anyway to unlock it or I sell the parts ?*

Share Your Thoughts

  • Hot
  • Latest