by ludbb 3893 days ago
The more relevant part about passcodes (4 or 6 digits) is described on page 12.

It's not fully specified, but since the PDF mentions "iteration count", Apple is using some sort of KDF after you enter your PIN to make brute force attacks harder to perform. It also mentions the following delays:

  Delays between passcode attempts
   Attempts       Delay Enforced
    1-4            none
      5            1 minute
      6            5 minutes
    7-8            15 minutes
      9            1 hour
There's also an optional setting you can enable so that after 10 failed consecutive attempts the device's data is wiped.

Minor correction: "iOS supports six-digit, four-digit, and arbitrary-length alphanumeric passcodes"

Also note how they mention "six-digit" before "four-digit". Six digits is the default on new installations now (http://arstechnica.com/apple/2015/06/apple-to-require-6-digi...)

Sure, that correction is correct ;) but it's not mentioned in that section of the mentioned document. It leads me to believe that the restrictions described do not apply to them.

> It leads me to believe that the restrictions described do not apply to them.

Which restrictions? The table of delays is on the same page as "six-digit, four-digit, and arbitrary-length alphanumeric passcodes", about 3 paragraphs away. If this is what you're referring to, I see no reason to believe PINs vs. passwords are treated differently.

Right, my bad, I missed it.