applemagic
About
- Username
- applemagic
- Joined
- Visits
- 83
- Last Active
- Roles
- member
- Points
- 212
- Badges
- 0
- Posts
- 95
Reactions
-
Simple hack bypasses iOS passcode entry limit, opens door to brute force hacks [u]
Soli said:applemagic said:Soli said:Use the full keyboard for your passcode! Even add a simple long press character to make it crazy hard to crack without invoking much of a hassle for you.
2) If you use the "typical" character palette of upper case letters (26), lower case letters (26), numbers 10), you have 72 options per character, but why not use all those "special characters" that are also available which I think bring you another 35 options for a total of 107 options, which is more than any website I've seen which only give you a handful of extra character options based on their weak sense of security and the minimal effort they've had to put in so that the special characters don't mess with their database setup.
That means a 6-character passcode would be 107^6 for a total of 1.5 TRILLION possible combinations compared to your 6-digit PIN which is 10^6 for a total of 1 MILLION options. It really doesn't take much longer to input and because of Touch ID and Face ID not requiring you to unlock with your passcode constantly there's no reason not to have a more secure one.
3) If non-alphanumerics for passwords, like punctuation and other non-alphanumeric characters, are referred to as "special characters" I've deemed the much richer palette of characters available for the long-hold on the iOS virtual keyboard as "very special characters." For example, if you hold down the 'a' key on at the American English iOS keyboard (same for macOS, btw), you get the options (à, á, â, ä, æ, ã, å, ā). These are all valid for Apple OS passwords and they're all unique Unicodes so they won't be registered just the letter 'a'. But not all have so many options on the long-press. The ampersand (&), for example, only has the section sign (§) as an option.
By my last count—as I recall—of the American English iOS keyboard there are 210 options. That means that a 4-character passcode would be 1.944 BILLION options. Moving to 6-characters it's now 85.8 TRILLION.
PS: I'll also reiterate what having emoji as options for password could do. Perhaps not all characters could be used because they're too similar in look, and cross platform characters can look very different, but even a basic array of pictograms could be useful. Some people could remember them better by creating a story from them as their password, even if just interjecting one or two. This could increase the complexity of the character palette to around 1000 characters—or BASE-1000—which would make these brute force attacks virtually impossible as they stand now, even for very short passcodes. A 4 character passcode that was not limited to just numbers and letters would have 1 TRILLION possibilities with just 4 characters, which the user could quickly type in. Move that to 6-characters and you now have 1 QUINTILLION. I don't expect to see emoji added for a long time, but I do see the benefit of allowing them to be used in some fashion. -
Simple hack bypasses iOS passcode entry limit, opens door to brute force hacks [u]
Soli said:Use the full keyboard for your passcode! Even add a simple long press character to make it crazy hard to crack without invoking much of a hassle for you. -
Valve not giving up, rolls out new Steam Link beta for iOS, Apple TV
elijahg said:nunzy said:It looks like they learned a valuable lesson. If you mess with Apple, you get hammered. -
iOS 12 'doubles down' on performance for iPhone and iPad
cgWerks said:StrangeDays said:
So did I. But here’s the thing — we’re not looking for failure and disappointment the way the eternally disenchanted critics are.
What's yours? -
iOS 12 'doubles down' on performance for iPhone and iPad
fastasleep said:dick applebaum said:wizard69 said:
I really don't care anymore what Wall Street does. Frankly I'm happy that they have refocused on speed and stability.To me anyway, this Keynote just felt a bit off. It actually seemed more focused on the consumer end of the business then the developer end. Maybe I need to releisten as I did drop in about 15 minutes late, even so it was like that old hamburg ad with the old woman asking "where the meat?".
It was almost as if they redesigned the iOS and macOS presos at the last minute and had to expand the time spent on features with less umph!
Did like the Siri Hypercar... er, ah, Shortcuts, tho!