This Guy's iPhone Passcode Is Too Damn Long

This Guy's iPhone Passcode Is Too Damn Long

It really is. How does he even remember it? I have no idea!

Japanese Twitter user yossy1999116, it seems, originally uploaded the clip, writing, "There's this amazing dude on the subway..." I've seen other videos of people with long passcodes, but this is the first time I've seen someone out in the wild with one this staggering.

The clip has been retweeted nearly twenty thousand times.


Comments

    And now everyone knows the passcode and he's gotta change it, FUCK!

      i don't know what his passcode is... do you?

      Last edited 11/11/15 12:12 am

        It looks like the screen's visible the whole time, if you checked it frame by frame you could probably figure it out. Not that it'd do you any good because nobody knows who the guy is and nobody has access to his phone =P

        32165465168432465432136543213654321213216543213241.

    I'm gonna assume it's not the numbers he's remembering, but a sentence or something...

      Yeah, thats most likely it. I use a couple of combo's for passwords, some of which are based on the good old numpad, and what corresponds to what letter. Others are an abbreviated sentence that makes sense to me (I saw a cow at the farm when i was 10 becomes [email protected]) and relatively easy to remember.

      Or the opening sentence in my favorite book, or something like that. It might look complicated, but thats only because it has a personal encryption over the top, with the key pretty secure in the persons head.

        Yup, long l3375p34k sentences with combinations of words that I swap around is my method as well. Nothing like a password like 4lph4br4v0ch4rl13d3l743ch0 to keep an account secure.

        Edit: I should mention *except* on my phone. I have my phone set to lock every time it goes to sleep and I could never be bothered to key in a 30 digit passcode every time...

        Last edited 11/11/15 8:36 pm

    Maybe he saw a catchy jingle?

    https://www.youtube.com/watch?v=ab8GtuPdrUQ&t=0m34s

      Or watches a lot of star trek

      https://www.youtube.com/watch?v=D71MTQc3VO4

    I'll just leave this; https://xkcd.com/936/

      I love XKCD but he did the entropy calculations from the wrong perspective in that strip. TLDR if you're not interested in why: use both length and mixed characters for the more secure passwords.

      Information entropy for passwords is relevant from the hacker's perspective, not the user's. The only factors are length and character set - the individual character choices don't matter, only the set they're drawn from. His first password has 6.555 bits per character, his second only 4.7; the second is more secure mostly because it's much longer. If he'd used the same character set from the first password with the length of the second, the password would have 30% more entropy. Even just using upper and lower case characters would make it 18% stronger.

      The numeric set only, like keypad codes? Only 3.3 bits per character. Never use numeric passwords if you can at all help it.

        Does it matter whether your password is all numbers or all letters, so long the password field type is not limited to either? Unless the hacker knew beforehand, he'd still have to go through all possible combination right?

          It matters because brute force attacks often limit themselves to common character sets first and expand them later. It produces faster results to only inspect the lowercase alphanumeric set first (a-z, 0-9) up to the character limit they're testing and only if it doesn't find a hit, expand the set to include other ANSI characters. Most 'Average Joe' passwords are in the form 'hunter2' so it catches them faster. Including at least one character from different sets tends to foil that type of approach.

          The benefit is from using characters from different sets. upper case, lower case, numerals, and special characters. If you use Password instead of password, that capital P makes it twice as hard to crack or something like that, because it means they need to cycle through 52 characters instead of 26. Add numbers in, its 62, add specials its near 100 from memory. Too lazy to count :)

          But by increasing the character pool, its longer to go through all the combo's so it adds protection. Not from them cracking it, brute force attacks will eventually work, but because they are more likely to find other hits first and be satisfied.

          Little tip though. Common words arent going to cut it, because one of the standard brute force attacks is to cycle through a dictionary of known passwords (and substitutes), as a quick filter across what they are trying to crack. [email protected] is no safer than password, despite using lower case, upper case, numbers, and specials, because those substitutes are factored in when doing the basic sweep.

          I have a sibling that researches and lectures in this field, and some of the stuff they've commented on is scary. There's a LOT that goes on that people are blissfully unaware of, mostly because its one of the most boring subjects you'll ever hear, but theres a lot that does happen behind the scenes.

    My phone never leaves my pocket, unless I'm around people I trust with my phone. Never used a passcode and hope to never have to.

      Yeah, passcodes take too much time to bother with. I'd much rather just pull my phone out of my pocket, hit the slider on the side and have instant access to what I want to do.

        My 6+ is set with my thumb/finger print to open it, so I've gotten into the habit of grabbing it out of my pocket with my thumb and forefinger, and by the time it's level with my face it's already unlocked.

      it's not about trusting your friends it's in case (touch wood) you ever get robbed or lose your phone. An old colleague had his phone stolen, the thief sent abusive messages to all sorts of people in his phone, including his ex wife. Not a fun time for him clearing it all up.

        I figure that I'll notice my phone gone pretty quickly (as I said, its in my pocket or in my hands) and have time to call vodafone and get it locked. Then I'd post a msg to fb via any of the other devices to beware any contact from my old number.

        To me the risk of it being stolen is negligable enough to not worry about needing a pin code. I certainly hope that I never am in a situation where I feel one is necessary.

    What I want to know is... why was he videoing this guy entering his password in the first place?

    'Hey, I'm just gonna video your password. I'm then going to follow you off the train, drag you into a dark alley, steal your phone and brutally murder you.'

    Anyone notice his last press on the screen before it unlocks is above the keypad?

    Fake?

    I'm not really sure how I feel about an article that is essentially promoting a breach of privacy and security. I know we never see the person's face and there's ambiguous laws around recording things in public spaces but it's still promoting a message that it's ok to record other people entering PINs and passcodes.

    how does this stuff make the news?

Join the discussion!