Protect Your iPhone from GrayKey

Recently a story came out about the GrayKey iPhone cracking device, which is able to load altered firmware on a locked iPhone and crack a 6-digit password within 1–3 days. It’s a tool for law enforcement and is marketed for $25–30k.

From what’s publicly available about the tool, I can deduce that they have not been able to crack the Secure Enclave of the iPhone and are instead cracking the password via brute force. Because the Secure Enclave has a built-in 80 ms delay for every attempt, the maximum number of passwords that can be checked per second is still limited to 12.

With a 6-digit password, the tool, when running at the maximum speed enforced by the Secure Enclave, can crack the password in about a day.

10 ^ 6 combinations / 12 attempts per second / 60 seconds / 60 minutes / 24 hours ≈ 1 day

However, if you change your password to 10 digits, an option in iOS, then it would take 26 years! That’s how much difference an extra 4 digits can make!

Here is a handy table:

4 digits = 14 minutes
6 digits = 1 day
8 digits = 97 days
9 digits = 2.7 years
10 digits = 26 years
12 digits = you are not going to live that long!
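
The calculation behind the table, as an added example (not part of the original post). It assumes the post's figure of 12 attempts per second and goes slightly beyond it by reporting the average case and by taking the alphabet size as a parameter; the function names are illustrative, and the table's figures are rounded.

```python
ATTEMPTS_PER_SECOND = 12            # the post's figure for the 80 ms Secure Enclave delay
SECONDS_PER_DAY = 60 * 60 * 24
SECONDS_PER_YEAR = 365 * SECONDS_PER_DAY


def worst_case_seconds(length, alphabet=10, rate=ATTEMPTS_PER_SECOND):
    """Time to try every passcode of this length (alphabet=10 means digits only)."""
    return alphabet ** length / rate


def expected_seconds(length, alphabet=10, rate=ATTEMPTS_PER_SECOND):
    """A uniformly random passcode is found, on average, after half the keyspace."""
    return worst_case_seconds(length, alphabet, rate) / 2


def min_length(target_seconds, alphabet=10, rate=ATTEMPTS_PER_SECOND):
    """Shortest passcode length whose worst case reaches the target duration."""
    length = 1
    while worst_case_seconds(length, alphabet, rate) < target_seconds:
        length += 1
    return length


def humanize(seconds):
    """Render a duration in the largest unit that fits."""
    units = (("years", SECONDS_PER_YEAR), ("days", SECONDS_PER_DAY),
             ("hours", 3600), ("minutes", 60))
    for name, size in units:
        if seconds >= size:
            return f"{seconds / size:.1f} {name}"
    return f"{seconds:.0f} seconds"


if __name__ == "__main__":
    print("digits  worst case      average")
    for n in (4, 6, 8, 9, 10, 12):
        print(f"{n:>6}  {humanize(worst_case_seconds(n)):<14}  "
              f"{humanize(expected_seconds(n))}")
    # How long must a numeric passcode be to hold out for 10 years in the worst case?
    print("digits needed for 10 years:", min_length(10 * SECONDS_PER_YEAR))
```

The average-case column is the more realistic expectation for a randomly chosen passcode; a guessable one (a birthday, a repeated digit) can fall far sooner than either figure.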

Change your password today! When changing your password, simply choose “custom numeric password.”

Protect your privacy!