iPhone passcode hacked by security researcher

/ 05:08 PM June 23, 2018

INQUIRER.net Stock Photo

A security researcher found a way to hack into an updated iPhone using the brute force process of entering as many passcodes as possible.

Matthew Hickey, co-founder of cybersecurity firm Hacker House, discovered that by connecting the iPhone to a computer, hackers could bypass the device wipe feature from activating, according to a report by ZDNet.


iPhones have a “secure enclave” part that keeps track of how many wrong passcodes have been entered. After a certain number of tries, it wipes the device to protect the owner’s data.

Hickey stated that by having the iPhone connected to a computer, an interrupt request function gets triggered, which prioritizes every action coming from the connection over anything happening on the device.


He then sent a long string of possible passcodes numbered from 0000 to 9999 without spaces. The lack of spaces prevents the system from taking a break and allows all the thousands of tries to be processed. Hickey uploaded a video on Vimeo to demonstrate his discovery. The downside to this method lies in its speed.

Each passcode gets processed for around three to five seconds. A hundred four-digit passcodes would take around an hour. Six-digit passcodes, the default for iOS 11, would take weeks to crack.

On the other hand, this kind of attack may loose its effectiveness when iOS 12 rolls out. iOS 12 includes a feature called USB Restricted Mode, which limits the use of cables as purely for charging.  Alfred Bayle /ra


New ASUS laptop replaces trackpad with multi-function touchscreen

Mid-range Google Pixel phone may come out in 2019

2018 iPhones may get fast-charging USB-C adapters, cables


TOPICS: Cybersecurity, Hacker, iPhone, passcode
Read Next
Don't miss out on the latest news and information.
View comments

Subscribe to INQUIRER PLUS to get access to The Philippine Daily Inquirer & other 70+ titles, share up to 5 gadgets, listen to the news, download as early as 4am & share articles on social media. Call 896 6000.

For feedback, complaints, or inquiries, contact us.

© Copyright 1997-2020 INQUIRER.net | All Rights Reserved

We use cookies to ensure you get the best experience on our website. By continuing, you are agreeing to our use of cookies. To find out more, please click this link.