Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Hardware - Troubleshooting and Discussion > iPhone, iPad & iPod > iOS 7.0.2 login bull....

iOS 7.0.2 login bull....
Thread Tools
Fresh-Faced Recruit
Join Date: Nov 1999
Location: PA
Status: Offline
Reply With Quote
Oct 1, 2013, 07:27 PM
 
Nowhere have I seen the fallout that should be gigantic. iOS 7.0.2 just required a login password completely obliterating the value of the fingerprint device. As of now it is just a cute 2 second speedup and something you can show your friends how cool it is to open the UI, AFTER YOU RESTART AND LOG IN WITH A USELESS 4 CHARACTER PASSWORD!!! WTF?????
     
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status: Online
Reply With Quote
Oct 1, 2013, 08:08 PM
 
The passcode can be MUCH longer than four characters.

The SIM PIN can only be four digits, but that just allows your phone to access the network; it doesn't allow you to access the phone.

The point of Touch ID is to encourage people to lock their phone. Hardly anybody uses a passcode, because it's ****ing annoying to enter it every single time you wake up the phone to check on something.
     
Moderator
Join Date: Jan 2001
Location: Polwaristan
Status: Offline
Reply With Quote
Oct 1, 2013, 08:40 PM
 
After a reboot or not unlocking for 48 hours, the 5s with Touch ID requires the passcode to unlock. This is normal and by design.

However, when I went to 7.0.2, I had to reenter my appleid password for the store and find iPhone, which I didn't like and it was a bit odd.
     
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Oct 1, 2013, 08:55 PM
 
Originally Posted by TigerN28763 View Post
Nowhere have I seen the fallout that should be gigantic. iOS 7.0.2 just required a login password completely obliterating the value of the fingerprint device. As of now it is just a cute 2 second speedup and something you can show your friends how cool it is to open the UI, AFTER YOU RESTART AND LOG IN WITH A USELESS 4 CHARACTER PASSWORD!!! WTF?????
That post deserves a good old classic:

-t
     
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Oct 1, 2013, 11:00 PM
 
Originally Posted by Cold Warrior View Post
After a reboot or not unlocking for 48 hours, the 5s with Touch ID requires the passcode to unlock. This is normal and by design.

However, when I went to 7.0.2, I had to reenter my appleid password for the store and find iPhone, which I didn't like and it was a bit odd.
Isn't reentering passwords SOP after an update?
     
Fresh-Faced Recruit
Join Date: Nov 1999
Location: PA
Status: Offline
Reply With Quote
Oct 2, 2013, 12:04 AM
 
Originally Posted by turtle777 View Post
That post deserves a good old classic:

-t
The advertising hype is this passwordless system is completely independent of sim & other methods of accessing the phone. until 7.0.2 i had no password. someone could pull my sim card or connect the 5s to any computer and never access the on board data. i never had an issue. that is until the update which tossed all that security out forcing us back to an insecure password. that is bogus and false advertising. We are back to insecure 4 character login passwords. no 5s device it otherwise. flame all you want, but 4 numbers are not hard to get.
     
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Oct 2, 2013, 01:11 AM
 
I'm not sure I understand you.

First off, you can (and should) set your phone to wipe itself after 10 failed password tries. The lockout makes the 4 numbers pretty secure.

Second, I'm pretty sure I can access all your data on the phone itself, even if you yank the sim. That doesn't sound secure to me.
     
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status: Online
Reply With Quote
Oct 2, 2013, 02:38 AM
 
Originally Posted by TigerN28763 View Post
The advertising hype is this passwordless system is completely independent of sim & other methods of accessing the phone. until 7.0.2 i had no password. someone could pull my sim card or connect the 5s to any computer and never access the on board data. i never had an issue. that is until the update which tossed all that security out forcing us back to an insecure password. that is bogus and false advertising. We are back to insecure 4 character login passwords. no 5s device it otherwise. flame all you want, but 4 numbers are not hard to get.
It is impossible to set up Touch ID without a pass code as a fallback. You had one under 7.0 and 7.0.1, as well.

There are three points here:

1. Some security is better than no security. The convenience of Touch ID means that virtually everybody will be using it, vs. a minority of users previously locking their phone with a pass code.

2. A pass code can be most easily cracked by watching you enter it. Under normal usage, you pretty much never need to (restarts are rare, and otherwise it requires one only after a number of failed thumbprint attempts or 48 hours of inactivity). So people have little or no chance to watch you enter it.

3. A passcode on iOS can be UP TO 37 CHARACTERS LONG. Turn off the "simple passcode" option in Settings.
     
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status: Online
Reply With Quote
Oct 2, 2013, 02:41 AM
 
Originally Posted by subego View Post
Second, I'm pretty sure I can access all your data on the phone itself, even if you yank the sim. That doesn't sound secure to me.
I'm pretty sure you can't. IIRC, iOS 7 requires the owner's Apple ID, at least when the phone is code-protected (and definitely when switched to "Lost" mode via Find My iPhone).
     
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Oct 2, 2013, 05:08 AM
 
That's why I'm confused. It sounds like the claim is yanking the sim is enough on a non-code protected phone with iOS 6.
     
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status: Online
Reply With Quote
Oct 2, 2013, 05:29 AM
 
Originally Posted by TigerN28763 View Post
The advertising hype is this passwordless system is completely independent of sim & other methods of accessing the phone. until 7.0.2 i had no password. someone could pull my sim card or connect the 5s to any computer and never access the on board data.
I missed this earlier.

I'm pretty sure this has NEVER been the case unless you passcode-protected the phone (which is NOT the same thing as a SIM PIN).
     
P
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Status: Offline
Reply With Quote
Oct 2, 2013, 08:39 AM
 
Originally Posted by TigerN28763 View Post
The advertising hype is this passwordless system is completely independent of sim & other methods of accessing the phone. until 7.0.2 i had no password. someone could pull my sim card or connect the 5s to any computer and never access the on board data. i never had an issue. that is until the update which tossed all that security out forcing us back to an insecure password. that is bogus and false advertising. We are back to insecure 4 character login passwords. no 5s device it otherwise. flame all you want, but 4 numbers are not hard to get.
There are several different things here:

* Your SIM PIN. That is a 4 digit number that is required for any phone to access the SIM after being turned on. This can be disabled in the settings, but it is 4 digits exactly. After enough failed attempts to enter it, it will be disabled, and you need to enter your PUK code to unlock it. This is a much longer code that cannot be changed - it's probably in your subscriber info if you're missing it.
* Your iPhone passcode. This can be very long, but if you have the "simple passcode" on, it is also 4 digits. This is a different 4 digit number from your PIN, however.
* Your Apple account password, required to buy stuff from the App Store, for instance.

The fingerprint sensor potentially replaces the last two, but you still have to enter said passcode every now and then - apparently to make sure you did not forget it - and one of those times is when you turn on the phone. 7.0.2 didn't change this. If you are worried about security, disable "simple passcode" and write a password that is as long as your arm if you like.
The new Mac Pro has up to 30 MB of cache inside the processor itself. That's more than the HD in my first Mac. Somehow I'm still running out of space.
     
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Oct 2, 2013, 11:27 AM
 
Originally Posted by P View Post
your PUK
Reported.
     
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Oct 2, 2013, 01:02 PM
 
PUK you.

-t
     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -4. The time now is 06:54 AM.
All contents of these forums © 1995-2014 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2014, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2