Skip to main content

iPhone Users Pick Obvious iPhone Passcodes

Losing your phone used to mean losing all your saved SMS and phone numbers. If you were really unfortunate, you had a camera phone and a perfect stranger had access to your photos, too. Nowadays, things are a little more risky. With all of the applications available for today’s phones, losing your phone could mean someone else has access to your email, iTunes, PayPal, Twitter, Facebook, eBay accounts and much more.

One of the best ways to prevent getting completely screwed over (aside from not losing your phone in the first place), is to use a passcode or pattern screenlock. The iPhone even has a feature that will wipe your phone if the passcode is entered incorrectly too many times. Sadly, this isn’t nearly as effective if your passcode is ridiculously easy to guess.

App developer Daniel Amitay uses his Big Brother Camera Security app to record anonymous passcode data from users. Amitay says that based on the data his app has gathered, the most popular code is 1234. Furthermore, despite there being 10,000 possible combinations, 15 percent of people are using one of the top 10 most popular codes. 

"A thief (or just a prankster) could safely try 10 different passcodes on your iPhone without initiating the data wipe," writes Daniel on his blog. "With a 15 percent success rate, about 1 in 7 iPhones would easily unlock--even more if the intruder knows the users’ years of birth, relationship status, etc."

Amitay’s data is based on 204,508 passcodes he recorded anonymously via his Big Brother Camera Security App. However, it seems Apple hasn’t taken to kindly to his publishing of the most common passcodes, as his app was yesterday pulled from the App Store. In an attempt to calm those with concerns about his app, Daniel clarified via his blog that he only gathered passcodes that were inputted directly into his app (as opposed to the actual iPhone lockscreen). He also assured readers that when the app sends this data to his server, it is literally only sending the inputted passcode (e.g. "1234") and nothing else.

"I have no way of identifying any user or device whatsoever," he wrote, before highlighting the relevant section of the App Store EULA that stipulates he is allowed to collect this data so long as it is "not personally [identifiable to] You."

"Perhaps this was a misunderstanding on Apple’s part, or perhaps I missed a developer agreement where I’m not able to publish certain statistics (?)," he continues. "But I’m hoping to get this worked out and have Big Brother back on the App Store. I’ll gladly remove the code in question if it is what Apple has a problem with.

"That said, I had planned on having these common passcodes built into a next update, so as to prompt users not to choose obvious passcodes."

For more information on the most common passcodes, check out Daniel’s blog.