By John Gruber
Next-generation Apple device management for macOS, iOS, iPadOS, and tvOS. Request access.
For many years now, iOS has offered an option in the Passcode section of the Settings app: “Erase all data on this iPhone after 10 failed passcode attempts.”
I’ve long been intrigued by this setting, but never turned it on, out of the vague fear that something could happen and I’d wind up with a wiped iPhone. Say, if a “friend” surreptitiously took my phone at a bar and entered 10 wrong passcodes as a prank. Something like that.
I asked on Twitter over the weekend how many people use this feature, and over 4,000 people responded to the poll. One-third use the feature, two-thirds don’t. Among those who don’t, the most common response, by far, is that they don’t use it because they’re the parents of young children, and they fear that their kids will trigger the erasure of their phone.
I had no idea until I looked into it last weekend, but it turns out this feature is far more clever than I realized, and it’s highly unlikely that your kids or jackass drinking buddies could ever trigger it. After the 5th failed attempt, iOS requires a 1-minute timeout before you can try again. During this timeout the only thing you can do is place an emergency call to 911. After the 6th attempt, you get a 5-minute timeout. After the 7th, 15 minutes. These timeouts escalate such that it would take over
3 hours to enter 10 incorrect passcodes.
[Update: 3 hours is incorrect. According to Apple’s own iOS Security Guide (page 15), it would take one hour and 36 minutes. Attempts 1-4 are “free”. There’s a 1-minute delay before the 5th attempt, 5 minutes before the 6th, 15 minutes before the 7th and 8th, and a 60-minute delay before the 10th.]
It seems pretty clear from the responses to my poll that I wasn’t alone in thinking that this feature was more dangerous than it really is. I’ve got it turned on now, and I can’t think of a good reason why anyone wouldn’t enable this.