applemagic

Soli said:

applemagic said:

Soli said:

Use the full keyboard for your passcode! Even add a simple long press character to make it crazy hard to crack without invoking much of a hassle for you.

@Soli, I have seen you mention this a few times in these forums. Could you please explain this a little more? I have a 6-digit password (numeric, though, which I guess I need to change), so I would like to try your suggestion. But, I am not sure I understand what 'use the full keyboard' and 'add a simple long press character' mean. I use an iPhone 6, running iOS 10.x.

1) By full keyboard I mean switching from the numbered to the incompletely-named alphanumeric keyboard in Settings » Touch ID & Password » Change Passcode » Passcode Options » Custom Alphanumeric Code.

2) If you use the "typical" character palette of upper case letters (26), lower case letters (26), numbers 10), you have 72 options per character, but why not use all those "special characters" that are also available which I think bring you another 35 options for a total of 107 options, which is more than any website I've seen which only give you a handful of extra character options based on their weak sense of security and the minimal effort they've had to put in so that the special characters don't mess with their database setup.

That means a 6-character passcode would be 107^6 for a total of 1.5 TRILLION possible combinations compared to your 6-digit PIN which is 10^6 for a total of 1 MILLION options. It really doesn't take much longer to input and because of Touch ID and Face ID not requiring you to unlock with your passcode constantly there's no reason not to have a more secure one.

3) If non-alphanumerics for passwords, like punctuation and other non-alphanumeric characters, are referred to as "special characters" I've deemed the much richer palette of characters available for the long-hold on the iOS virtual keyboard as "very special characters." For example, if you hold down the 'a' key on at the American English iOS keyboard (same for macOS, btw), you get the options (à, á, â, ä, æ, ã, å, ā). These are all valid for Apple OS passwords and they're all unique Unicodes so they won't be registered just the letter 'a'. But not all have so many options on the long-press. The ampersand (&), for example, only has the section sign (§) as an option.

By my last count—as I recall—of the American English iOS keyboard there are 210 options. That means that a 4-character passcode would be 1.944 BILLION options. Moving to 6-characters it's now 85.8 TRILLION. 


PS: I'll also reiterate what having emoji as options for password could do. Perhaps not all characters could be used because they're too similar in look, and cross platform characters can look very different, but even a basic array of pictograms could be useful. Some people could remember them better by creating a story from them as their password, even if just interjecting one or two. This could increase the complexity of the character palette to around 1000 characters—or BASE-1000—which would make these brute force attacks virtually impossible as they stand now, even for very short passcodes. A 4 character passcode that was not limited to just numbers and letters would have 1 TRILLION possibilities with just 4 characters, which the user could quickly type in. Move that to 6-characters and you now have 1 QUINTILLION. I don't expect to see emoji added for a long time, but I do see the benefit of allowing them to be used in some fashion.

Soli said:

Use the full keyboard for your passcode! Even add a simple long press character to make it crazy hard to crack without invoking much of a hassle for you.

elijahg said:

nunzy said:

It looks like they learned a valuable lesson. If you mess with Apple, you get hammered.

The one that's going to get hammered is Apple, if they continue with this anticompetitive behaviour. The new rule that "transactions taking place within mirrored software do not need to use in-app purchase, provided the transactions are processed on the host device." is probably a way to skirt this.

cgWerks said:

StrangeDays said:
So did I. But here’s the thing — we’re not looking for failure and disappointment the way the eternally disenchanted critics are. 

My measurement is stuff that will make my life better or increase my productivity.
What's yours?

fastasleep said:

dick applebaum said:

wizard69 said:

I really don't care anymore what Wall Street does.   Frankly I'm happy that they have refocused on speed and stability.   

To me anyway, this Keynote just felt a bit off.   It actually seemed more focused on the consumer end of the business then the developer end.   Maybe I need to releisten as I did drop in about 15 minutes late, even so it was like that old hamburg ad with the old woman asking "where the meat?".

It did strike me that Tim and Craig were a little off their game, being not well rehearsed and being careful about what they were going to say.

It was almost as if they redesigned the iOS and macOS presos at the last minute and had to expand the time spent on features with less umph!

Did like the Siri Hypercar... er, ah, Shortcuts, tho!

Weird. I thought they knocked it out of the park. A couple very minor flubs but overall, I thought everyone did an incredible job and sounded very well rehearsed. ¯\(°_o)/¯