[MCRed]

10k distinct combinations-- if, and only iff, they used a 7 digit all numeric pin. The odds of this are not bad for most people, but in this case the person who had this phone has shown better than the average criminals level of OpSec.

One thing is for sure- for phones with TouchID where you only need to enter the pin on reboot, it makes sense to make the pin something other than numeric and longer than 4 digits.

[nnx]

iirc iOS 9 now requires 6 digits passcode on devices with TouchID.

[nacs]

Not true -- 4 digit passcodes work just fine (and are default) on Touch ID phones.

[nnx]

"The default for passcodes on your Touch ID–enabled iPhone and iPad is now six digits instead of four." ~ http://www.apple.com/ios/whats-new/