It’s time to stop using that useless six-digit passcode on your iPhone. Now that cops around the United States are going crazy for the GrayKey, a little box that can crack your iPhone’s passcode in hours, it has become clear that the iPhone’s regular six-digit numerical code is no longer secure.
Plus, now that GrayKey is available, it won’t be long before they’re in the hands of the bad guys, too, if they’re not already. In fact, instructions on how GrayKey works surfaced online last month.
The good news is, it’s super-easy to change your iPhone passcode to something a lot better. The bad news? There actually isn’t any, unless you already have the cops trying to break into your iPhone — in which case you’ve got plenty of bad news already.
Touch ID, Face ID and better passcodes
Thanks to Touch ID and Face ID, using a long iPhone passcode costs you almost nothing in terms of inconvenience. Even if the passcode is as long as a full-size tweet, you will almost never have to actually type it in. The only real limit is on whether you can remember it or not.
You only have to type in your master password on a few occasions, after all. It’s required after restarting the iPhone, for example, or when you want to update iOS. The iPhone also prompts for the password every few days, depending on how long you’ve gone without actually using the device. The rest of the time, you can skip the passcode entry thanks to Face ID or Touch ID.
So, step one is to make sure you’re using Touch ID or Face ID. Touch ID is slow on older iPhones, but if you have an iPhone 6s or better, you’re using the second-generation sensor, which is all but instant. And Face ID is also pretty much instant.
Change your iPhone passcode to a proper passphrase
To change your iPhone passcode, go to Settings > Face ID & Passcode (or Settings > Touch ID & Passcode, if you don’t have Face ID). The device will prompt you to enter your current passcode to authenticate yourself. Then, scroll down and tap Change Passcode. The iPhone will prompt you to authenticate once again with your current passcode. Once you’ve done that, the familiar numerical keypad will appear, ready to accept your new code.
Do not type anything yet. Instead, tap on the words Passcode Options. This brings up the following panel:
You can choose from a four- or six-digit numeric code, a custom numeric code or a custom alphanumeric code. Pick Custom Alphanumeric Code from this list, and type in your new passcode. Avoid using something easily “hackable” like the name of your dog, your address, etc. It’s much better to use a long passphrase — a string of common (but random) words that you can remember. (It’s also a good idea to store your new passphrase in a secure password manager like the one from Cult of Mac sponsor Dashlane. That way you’ll be covered even if you forget your new iPhone passphrase — as long as you have it synced to another device, that is.)
Picking a good passphrase is beyond the scope of this article. But once you have one that is both secure, and that you can remember, type it in. Then type it in again when prompted. You are now far more protected against cops trying to brute-force their way onto your iPhone using GrayKey or similar tools. Instead of cracking your passcode in a matter of hours or days, it will now take weeks, months or even longer.
New unlock screen
If you’ve been using a regular numerical passcode up until now, you’ll see that, when you’re prompted to enter your new passcode, your iPhone presents a different input method. Instead of a numerical keypad, you see a full QWERTY keyboard. Just type in your new passphrase, and hit Enter.
It might seem like a pain entering a longer code (because it is). But because you hardly ever have to enter it anyway, it’s worth the hassle. Just make sure you can remember it.
We originally published this article on April 17, 2018. We updated it for the latest version of iOS.