Apple’s push to tougher passwords could be problematic for users

One of the least noticed announcements from Apple’s World Wide Developer Conference could have a big effect on the security of mobile devices – but it also highlights a risk of password technology. 

With its new iOS 9 operating system, Apple will require newer iPhones and iPads to upgrade to a six-digit PIN instead of the usual four digits. As Apple points out, this will make it significantly harder to crack passcodes – there are now 1,000,000 potential codes instead of 10,000.

The problem: PINs will still be optional – and many users won’t take that option, of course.

And those who have four-digit PINs may also balk at the change. It may seem like a minor inconvenience to remember two extra digits, but most users probably already have the same four-digit password for multiple accounts. That’s not smart from a security standpoint, but being forced to remember a new one isn’t likely going to be popular.

Perhaps the biggest incentive not to remember a new PIN: If users guess incorrectly 10 times, the device is automatically wiped clean of its data. From a company’s standpoint, that’s a great protection to have. But it’s a scary prospect most users won’t want to have to face.

(And just imagine the number of times someone’s kid takes the phone and thinks, “Yeah, I can probably guess mom or dad’s password in ten tries.”)

Push to ‘Touch’

The big reason Apple is banking on making a more complicated password? It doesn’t think people will use them anymore.

Newer phones and tablets come with Touch ID, the fingerprint-reading technology that Apple is making part of its operating system’s best features.

It could be safer than passwords in many ways – you can’t guess or accidentally disclose a fingerprint or other biometric key. But there are instances where this technology has been found to be flawed in the past.

The technology will, no doubt, improve in the future. In the meantime, make sure your BYOD policies require passcode protections of some kind – be it fingerprint scanning, passwords or PINs – in order to protect corporate data on devices.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy