Wednesday, May 14, 2008

Fingerprints Help Crack iPhone PIN Security

Via ITToolbox -

I was helping a friend of mine with her new iPhone today. She finally gave in and bought one after watching me use mine on a daily (sometimes minute-by-minute) basis.

Like most new iPhone Users, she was constantly cleaning her screen after a few uses. (Note to friend: you'll get over that in a month or two)

I adjusted a few icons on her iPhone for her and returned the phone to her. She cleaned the screen again and locked it. A few seconds later, she received a SMS message and unlocked her phone. After logging into her phone she handed it to me and said that she had to use the "little girls' room" and would be right back - but would I please see why her iPhone wasn't retrieving her mail properly?

"Sure" I responded - but first I had to pour another cup of coffee. And wouldn't you know it - out of pure habit I locked her iPhone before I sat it down on her counter.

I picked up the phone with some coffee goodness on the table in front of me and swiped my finger across the screen to begin.

Oops! I'm prompted for a PIN number. Just as I was about to panic I realized that I could clearly see the smudges above each number on the PIN screen: 2, 5, 7 & 9. Gee, I wonder what her PIN could be?

2579? Nope.

2759? Nope.

2795? Nope.

I started cycling through combinations and wouldn't you know it...

5927... *click*. The iPhone was unlocked.

This made me wonder - Apple, why don't you offer a "scramble pad" feature on the iPhone?


This is pretty cool. Definitely not a new idea, as this technique as been used for access keypads and safe locks for quite sometime.

But it is a clear example, of how sometimes the smallest little thing can have a very big impact on security.

Hopefully, this isn't her ATM pin as well ;)


  1. you got me worried. Any idea where can i get any add-on security software cos i have lots of personal infor on my phone...
    avg virus protection

  2. Hey Jared,

    Sorry buddy, but I don't have an iPhone, so I can't really recommend any products or solutions.

    In my mind, the biggest security threat to mobile devices is theft or just plain losing them. Leaving them in the airport or the taxi, or in the coffeeshop. This stands for all mobile devices, including laptops.

    Hopefully, you encrypt any sensitive information that you have on your phone...iPhone or not.