Even more fun: if you give a four-digit passcode for the non-simple passcode, it turns on the 'simple passcode' option again, which means that you can't have a four-digit passcode without telling the length of the code.
So yes, it "leaks password data". ;)
I just took a look at my own iPhone, and it bears this out. On the bottom half of the screen, there are a series of fingerprints and a giant smudge. If you were to try and guess my password from the clear prints, you'd end up pressing the wrong digits entirely.
Assuming it will get changed at some point making me look foolish, HN title at time of posting is "3-digit iPhone password is more secure than 4-digits". Original title from the source is "Game theory and probability of iPhone passwords".
If that weren’t enough, my friend actually brainstormed a couple of other ways to improve the password.
Like using three digits but tapping a phantom fourth number once the code is entered... so there are four "tap prints" but only three that are relevant!
If they were to then guess that only 3 of the 4 digits were used, with one being repeated, the possibilities are vastly increased by not knowing which digit is repeated OR which digit is not actually used. Off the top of my head I think it would be 36x4 (36 being the number of combinations using 3 unique digits, multiplied by four for each digit that could be unused), meaning 144.
If you were to do the same trick, so after entering your 4-digit code containing 3 unique digits, you then hit two different fake digits (the same two every time you unlock)... you would have 36x9 combinations, totalling 324.
To take this to its (il)logical conclusion, you could fake-press all the digits that you're not using, but at that point you're clearly going too far and should consider just wiping off fingerprints instead.
Then again, is there really a real-life use for any of this logic at all? I think not. 36 combinations rather than 24? Hell, even 324 instead of 24. Is it interesting to calculate? Sure. Is it worth caring about when actually creating your passcode? Not really; ultimately it will cause a minor annoyance to anyone who wants to guess the code, as they will take a little longer to get there.
That said, it's only not worth caring about in terms of the number of combinations. If you use only 3 unique digits, yet always tap the same fourth decoy digit, while the combinations may only go from 24 to 144, there is a chance that the thief/whoever would fail to guess the plan, and therefore not think to try more than the 24 combinations.
Their WhisperCore product has two alternative screenlocks that basically use additional (thumb) smudges to remove evidence.
Sounds like WhisperCore also uses AES-256 for device encryption. Which is killer. I can't wait to see how this product develops over the next couple months.
On the other hand it's really hard to describe your gesture to someone if you're lending them your phone, unlike a PIN which is easy to relay verbally; you really need to demonstrate the gesture.
I do change it from time to time which may have played a part in that though.
This would then reduce the possibilities to 12 instead of 24 resulting in a less secure code.
I think the other solution presented in the comments of the post offers a far superior result: randomize the position of the digits displayed each time. This way you cannot relate a tap print to either a digit or a relationship to another.
If you really want it even more secure (unable to tell if the user has used a digit more than once), randomize the positions after each entry.
Of course, these solutions have a downside in that you will enter the code slightly slower and thus slightly increase the risk of 'over the shoulder' attack vectors.
For a 3-digit passcode, there must be 1 pair of repeated digits somewhere in the 4-number sequence, e.g. 1_1_, 11__, _11_ etc., so 2 x 3 = 6 different pairs. This pair of repeated digits is any one of the 3 unique numbers, e.g. 11__ or 22__ or 33__. For any pair of repeated digits, there are just 2 options left for how the other 2 digits must be arranged in the sequence of 4, e.g. xx12 or xx21. So 6 x 3 x 2 = 36.
For a 2-digit passcode, there are 2^4 = 16 permutations, except since there must be at least 1 of each digit present, you have to subtract the 2 permutations with 4 repeated digits, e.g. 0000 or 1111. So 16 - 2 = 14.
I was thinking about making a blog post about it but couldn't see much more information to add, it seems this blogger couldn't either ;p
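The counts argued over in this thread (24 orderings for 4 distinct smudged keys, 36 for 3, 14 for 2, and the decoy-key variants) are small enough to check by brute force rather than by hand. The block below is an added worked example written for this page, not code from the original post or any commenter; it enumerates all 10,000 four-digit PINs, filters them against a hypothetical smudge pattern, and models an attacker who does or does not suspect decoy taps. The PIN values, decoy keys and function names are constructed for illustration.

```python
"""Smudge-attack combinatorics for 4-digit PINs (constructed example for this thread)."""
from itertools import combinations, product
from math import comb

DIGITS = "0123456789"
# Every 4-digit PIN, as strings "0000" .. "9999".
ALL_PINS = ["".join(p) for p in product(DIGITS, repeat=4)]


def pins_using_exactly(keys):
    """PINs whose set of digits is exactly `keys`: every key pressed at least once, no other key."""
    keys = frozenset(keys)
    return [p for p in ALL_PINS if frozenset(p) == keys]


def count_for_unique_digits(k):
    """Orderings an attacker must try when a 4-digit PIN is known to use exactly k distinct keys.
    Which k keys does not matter, so any fixed set of k keys gives the count (24, 36, 14, 1 for k=4..1)."""
    return len(pins_using_exactly(DIGITS[:k]))


def total_over_all_pins():
    """Sanity check: summing over the choice of k keys out of 10 must cover all 10,000 PINs."""
    return sum(comb(10, k) * count_for_unique_digits(k) for k in range(1, 5))


def candidates(smudges, decoys=0):
    """PINs consistent with the smudged keys, assuming `decoys` of them are fake taps
    and the attacker does not know which ones."""
    smudges = frozenset(smudges)
    out = []
    for fake in combinations(sorted(smudges), decoys):
        out.extend(pins_using_exactly(smudges - set(fake)))
    return out


def count_with_decoys(n_touched, n_decoys):
    """Closed form for len(candidates(...)): choose which smudges are fake, times the
    orderings of the remaining real keys."""
    return comb(n_touched, n_decoys) * count_for_unique_digits(n_touched - n_decoys)


def smudge_attack_finds(pin, decoy_keys, assumed_decoys=0):
    """Would an attacker who assumes `assumed_decoys` fake keys ever try `pin`?
    The smudge pattern they see is the real keys plus the decoy keys the owner taps."""
    smudges = set(pin) | set(decoy_keys)
    return pin in candidates(smudges, assumed_decoys)


if __name__ == "__main__":
    for k in range(4, 0, -1):
        print(f"{k} distinct keys smudged -> {count_for_unique_digits(k)} orderings")
    print("3 real keys + 1 decoy, attacker suspects 1 decoy:", count_with_decoys(4, 1))
    print("3 real keys + 2 decoys, attacker suspects 2 decoys:", count_with_decoys(5, 2))
    # Hypothetical owner PIN "1213" with decoy key "4": a naive attacker who assumes
    # all four smudges are distinct PIN digits never tries it.
    print("naive attacker finds 1213 w/ decoy 4:", smudge_attack_finds("1213", "4"))
    print("decoy-aware attacker finds it:", smudge_attack_finds("1213", "4", assumed_decoys=1))
```

The enumeration reproduces 24 / 36 / 14 / 1 for 4 / 3 / 2 / 1 distinct smudges and 4 x 36 = 144 for one decoy among four smudges; for two decoys among five smudges it gives C(5,2) x 36 = 360 candidates. The last two lines show the point made above about guessing the plan: an attacker who assumes every smudge is a real digit runs through 24 permutations and never reaches a PIN that repeats a digit and pads with a decoy.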
Unfortunately, a few facts about combinatorics rarely calm that kind of people down.