Friday, August 5, 2011

iPhone Passcode Bias

An informal study from collecting just over 204,000 iPhone passcodes, produced the graphic below on the top ten most common passcodes

image

The author concludes that

Formulaic passwords are never a good idea, yet 15% of all passcode sets were represented by only 10 different passcodes (out of a possible 10,000). The implication? A thief (or just a prankster) could safely try 10 different passcodes on your iPhone without initiating the data wipe. With a 15% success rate, about 1 in 7 iPhones would easily unlock--even more if the intruder knows the users’ years of birth, relationship status, etc.

1 comment:

NoticeBored said...

I bet other PIN codes, including those for ATM/EFTPOS/credit cards, are equally weak. They only work because there are other/compensating controls, not least their owners physically securing their cards and iPhones.