|
|
|
|
|
|
by lozf
4280 days ago
|
|
|
6 randomly selected characters out of the 62 available gives less than 36 bits of entropy, which anyone with even a passing interest in any kind of cryptography will instantly recognise as pretty poor. This issue is compounded by the fact that humans are notoriously bad at randomness. I really don't think many users will be typing the 22 random characters required for just over 128 bits of entropy every time they want to use their phone. But maybe the 5.5 year figure includes the incrementally increasing delay that Apple insert between tries after x wrong guesses -- assuming a manual brute force, which is pretty much not how it would play out in reality. |
|
|
But frankly, such scenarios are not privacy concerns unless you're actually trying to carry out crimes because at that point you've got a half-dozen or more government agents assigned to personally follow you.