When someone tries to access your iPhone or iPad by guessing the passcode, it will initially lock them out, increasing each interval with each failed attempt. You can however, set it up so that it fully erases your device after 10 failed attempts.
Here’s a situation that we can all imagine happening. Let’s say you leave your iPhone in the back of a taxi, or it falls out of your pocket while sitting on a park bench. Someone with questionable scruples finds it and tries to guess the passcode.
First, if you have a six-digit passcode enabled, there are one million possible combinations. Of course, if you use a computer to somehow brute-force attack this passcode, it wouldn’t take long for it to figure it out. Luckily, iOS employs time delays where the device locks itself after too many failed passcode attempts.
For example, if you make 5 failed attempts, your iPhone will lock for 1 minute, 6 attempts will lock it for 5 minutes, 7 will lock it for 15, and anything more than that will lock it for 1 hour.
That might be enough to dissuade casual data thieves, but there’s always a chance that someone could get lucky and guess it with another few guesses, which is why you should try to use a random or hard-to-guess number. Don’t just use something like 1-1-1-1-1-1 or 1-2-3-4-5-6.
Making Device Self-Destruct
There is another option: you can completely wipe your iPhone or iPad after 10 failed attempts. (Make sure you keep backups if you enable this, though.)
This option is off by default. To turn it on, first open the Settings and then tap “Touch ID & Passcode”.
You will need to enter your passcode to access these settings.
Scroll to the bottom of the Touch ID & Passcode settings and tap on “Erase Data” to enable the self-destruct feature.
It’s advised that you make frequent local backups of your data using iTunes after this is enabled–otherwise, if your phone gets erased, your data will be gone for good. Also, if you’re concerned about somehow forgetting your passcode, then try using a custom alphanumeric code.
It’s probably a good idea that you commit your passcode to memory first before turning on the erase data option, or turn it off temporarily whenever you change your passcode to something else.