If you have an Apple device new enough to have TouchID, you’ll need to start thinking of new passcodes for iOS 9. Apple is getting rid of the four-digit passcode in its upcoming software upgrade.
Apple is encouraging stronger passwords by requiring at least six digits and allowing longer alphanumeric strings. This will make passcode-protected phones harder to crack, since there will be one million permutations of the passcode instead of 10,000.
It’s an improvement, but it’s far from truly secure. For starters, horrible six-digit passwords like “123456” remain oddly common considering it’s 2015, and they’re even worse than a decent four-digit jumble of numbers. Brute force attacks will take longer, but a six-digit code is still vulnerable.
You could take advantage of Apple’s maximum passcode character limit and come up with a passphrase, but having to type in a complicated passphrase every time you want to check your phone would probably be very annoying.
Using the TouchID function and Apple’s new two-factor authentication in addition to creating a slightly longer passphrase that is absolutely not “111111” or [pet name] [your birthday] is the sanest choice.