What to Do If Your iPad Gets Disabled By Too Many Passcode Entries
I gave my mother an iPad for Christmas. She had a Mac in the past, but after it died, she started using an old netbook running Windows XP that I had left lying around her house. The Asus 1000HE, dating from the first days of the Obama administration, was literally wheezing and I didn’t even want to imagine what security vulnerabilities its copy of the long-abandoned Windows XP had.
The iPad was her first iOS device, and she was thrilled, especially with Touch ID. But I failed to explain that Touch ID would require her to enter her passcode every few days. And when we had set up the iPad, she had insisted on an alphanumeric passcode. So when it prompted her for a passcode, she entered her Apple ID password. And again. And again.
Until finally, the tablet seized up, displaying this message: “iPad is disabled; connect to iTunes.”
After I ranted about this situation on Twitter and in our TidBITS Slack team, I discovered that most techies don’t even know that this is something that happens, because they don’t forget their passcodes!
Alas, I know this problem all too well because I have a tech-addled toddler who likes to use the iPad Lock screen as a drum, so he disables his iPad regularly. And before you ask, no, this feature is not related to the Erase Data feature in Settings > Touch ID & Passcode that erases the data on your iOS device after 10 incorrect passcode entries. This is a built-in security feature that cannot be disabled.
How many incorrect passcode entries it takes before the iPad locks is up for debate. Apple’s support document says six. In my testing, that isn’t true. It took only five tries with random passcodes to disable my iPad for 1 minute. However, Apple seems to have measures in places to prevent accidental disabling. I tried 1111 as a passcode over 20 times without disabling the iPad. I then entered 9874 another 20 times with no problems. But after that it took only three random passcodes, without entering the right passcode to reset the count, to disable the iPad.
Once you kick off the process, it works like this: the device is disabled for 1 minute. There is no way to bypass it being disabled — you just have to sit in time out like a naughty child. Once that time is up, you get one chance to get the passcode correct or your device is disabled for 5 minutes. Get it wrong again and it’s disabled for 15 minutes! The next failure disables it for another 15 minutes. After that, 1 hour. Get it wrong one more time, and you won’t be able to get in directly on the device ever again. Your only solution at that point is to erase all content and settings and restore from backup.
As I’ve worked on my test devices to replicate this behavior, I’m amazed at how persistent my mother was in entering the wrong passcode. But I think one of the design mistakes Apple made here was in not explaining why the iPad is disabled. The more technically adept will likely figure out what’s happening quickly, but it’s not necessarily obvious to a less experienced user what’s going on.
A more helpful message would be “iPad is disabled for five minutes for your security. Please verify that your passcode is correct and try again.” At the very least, that would ensure that the user had been told explicitly what they had done wrong.
How I Fixed It — If your iOS device is disabled, the main way to fix it is to use iTunes to erase it and restore from backup. So instead of this being a simple confusion I could clear up over the phone, I had to head to her house with my MacBook Pro in tow. To add insult to injury, since my MacBook Pro only has Thunderbolt 3 ports and her iPad only came with a Lightning to USB cable, I had to dig out an adapter.
(To those who would point out that I could have loaded iTunes on my old netbook, no, that wouldn’t have worked because the current version of iTunes requires at least Windows 7.)
If the device has been synced with iTunes, erasing and restoring is reportedly a relatively painless process. But since her iPad had never been synced to my MacBook Pro, I first had to enter recovery mode by connecting it to iTunes and holding the Sleep/Wake button and the Home button until I saw the Connect to iTunes screen. That technique works on all iPads, iPod touches, and older iPhones. If you have an iPhone 7 or later, the process is slightly different:
- iPhone 7 and iPhone 7 Plus: Press and hold the Side and Volume Down buttons until you see the Connect to iTunes screen.
- iPhone X, iPhone 8, and iPhone 8 Plus: Press and release the Volume Up button, press and release the Volume Down button, and then press and hold the Side button until you see the Connect to iTunes screen.
Once I connected to the iPad via iTunes, recovery was as simple as clicking the Restore iPad button. You may see a prompt that says there was a problem with your device that requires it to be updated or restored. If so, click the Restore button on that window.
Note that restoring your device requires iTunes to download the latest version of iOS, regardless of whether or not it’s installed on your device already. And also note that your iOS device will remain in restore mode for only 15 minutes, so if the download takes longer than that, you’ll have to enter that mode again. So having a fast Internet connection is key during the restore process. Unfortunately, my mother didn’t have a particularly good Internet connection at the time, so I had to go home to my fiber connection, restore the iPad, and then bring it back.
I later learned that there is another solution to this problem that’s easier, doesn’t require a Mac with iTunes, and can be initiated remotely: Find My iPhone, also known as Find My iPad (the name changes per device). You’ll need another computer or iOS device for this, but if you open the built-in Find My iPhone app, either in iOS or on iCloud, choose the disabled device, and tap Erase iPad, you can erase the device. However, if Find My iPad wasn’t enabled and you don’t have access to a Mac with iTunes, you’ll have to drive to an Apple Store to get it fixed. That’s right — the last-ditch solution is to take your disabled device to the Genius Bar and get Apple to reset it.
Note too that if Find My iPad is enabled, that turns on Activation Lock. So, when you’re setting the device up again, you’ll have to log in with the previous Apple ID credentials that were associated with the device to prove that it’s not stolen.
Thankfully, this story had a happy ending. I’d set up my mother’s iPad to back up to iCloud and restoring that backup brought back all of her apps, already logged in, so it didn’t take long to get back up to speed. I worked with her to set up a new numeric passcode and even turned on two-factor authentication for her Apple ID at her request. That was a few weeks ago, and so far, so good.
Further Thoughts — During this minor drama, I learned a few things about setting up iOS devices for others. Don’t set up an alphanumeric passcode, even if they request it. Make them come up with a numeric passcode. It’s just too easy to mix up the passcode and Apple ID password. Also, whatever security measures you set up, be sure to explain them thoroughly.
I also have a few suggestions for how Apple could improve this feature. First, let us turn it off! I don’t even see why it exists — iOS already has a feature that will wipe the device if the passcode is entered incorrectly enough times. I understand and appreciate Apple’s dedication to security, but some devices need less than others. My mom’s and son’s iPads have nothing on them that’s more sensitive than what kind of YouTube videos they like — a six-digit passcode is more than enough security on its own. And on top of that, I can wipe these devices remotely with Find My iPhone.
Worse, this feature can render a device completely useless and potentially cause a user to lose data, if the device wasn’t set to back up or its backups were failing for some reason. I’ve never seen a non-optional security feature that could brick a consumer-level device even if an authorized user could later authenticate themselves.
At least in theory, someone with access to your iPhone or iPad could lock it in this way just to be annoying. There should always be a way for an authorized user to gain access to a disabled device without having to turn to another device or computer, perhaps by entering your Apple ID credentials.
I couldn't agree more that we should have the option to not use a passcode on our iOS devices. My 89 year old mother cannot remember any of her passwords. She had to quit using an iPhone because of that. She sometimes gets locked out of Skype for video chatting and that is a very important thing for her to be able to do.
You can leave the passcode off if you wish. Go to Settings > Touch ID & Passcode, and tap Turn Passcode Off.
Great description of the problems that you and your mother faced, and options for recovering from the lockout. I will take issue with your proposal of "a more helpful message". You suggest the text, "Please verify that your passcode is correct and try again." For a user like my mother, and many of my friends, this message would be worse than useless. Here are a few of the problems: 1) The only way they have to “verify that the passcode is correct” is to type it into the device. That is what led to the problem in the first place. 2) When they see “try again”, they are likely to try again as soon as they read those words. If this is not the intention, then the instructions should be altered. 3) The message gives no hint as to WHICH passcode it is referring to. Apple is insanely non-specific and inconsistent about this, frequently referring to “your passcode” with no help for the user to understand whether the desired password is for the device, an account, an admin account, AppleID, iCloud, or an application. Sometimes there are hints and sometimes there aren’t. For many of my friends who use iOS and a Mac, they feel lost whenever they are presented with password demand.
Two-factor identification ought to be a good thing, but I find that some aspect of the Apple ecosystem “forgets" something about a login roughly once a week, and asks me or my wife to type in a password. Like dutiful minions of our computer overlords, we used to respond by typing in the needed password. A big mistake! This immediately triggers the need to confirm the login with a different device. We now know that we should never respond to a password request, unless we have two devices at hand, and the time to go through the verification process. It’s crazy that I can’t rely on my iPhone for normal activities as I travel around town, or out of town, and must always have two Apple devices available to me on any significant trip. The need for this procedure seems to be triggered randomly by iCloud, Mail, every browser, Calendar, Messages, AppleTV, switching user accounts, and probably several other programs and activities. This repeated need for two-factor authentication, over and over again, greatly decreases the utility and ease of use of our devices, and ultimately of our account security. I know that not all users see the same frequency of Apple devices losing their logins and connections to cloud services, but plenty of us have this problem much too frequently.
Good insight, and as I said, it was only a suggested phrasing. Maybe something like "iPad disabled. Are you sure you have the right password?" It seems like Apple's dialogs used to be more conversational.
The erase data option in the settings says that it will trigger after 10 incorrect tries. Does that mean it's impossible to ever actually reach that limit? That's absurd if so.
I work with Seniors. Often they only have one device. No smartphone or cell phone. Landline. No computer. It is not just an apple problem. I am trying to set up an echo dot for someone. They have no computer or cell phone. Have to set it up under mine. (I am a Psychologist, not a family member, since they don't have any family alive. Lots of holes... in all these systems.
From what I can tell, no matter what, an iOS device is disabled after ten incorrect passcode attempts (of course, as I discussed in the article, that's a variable number).
The problem with Apple letting users turn off the feature about which you complain is that it will encourage thieves to steal devices. As it is now, a stolen phone is completely useless to those bad apples. If you make some devices with less security, you give hope to those ne’er-do-wells that maybe some stolen devices will work. Sorry, but I don’t think we should encourage iPhone muggings. And the Attorneys General in New York City & San Francisco agree.
No, as the article says, changing this feature wouldn't make any difference at all in the theft scenario, as long as Find My iPhone/iPad/iPod is enabled. Then Activation Lock remains in place and prevents a stolen device from being used again.
But you can turn off Activation Lock by disabling Find My iPhone, and Activation Lock was created at the request of those cities due to high theft rates.
Our they could implement the same Samsung feature where you can log into the device remotely with your Samsung account and just reset the password without having to delete the whole thing and start again.
I had the same problem with my mother's iPad and she had no backups despite my reminders ("too much hassle"). You can control a fair bit of passcode behaviour by using Apple Configurator 2, including the maximum number of failed attempts before erasure. Setting that to a low number (eg 3) bypasses the back-off delays. On the third wrong entry, boom, the device is erased with no warning. Not much good for the mum/toddler situation but great if you want to minimise the risk of sensitive data falling into the wrong hands. What is more useful for the mum-or-toddler scenario, providing you are willing to "supervise" the device, is creating an unlock token which you can force-feed into a locked device to unlock it, or unilaterally clearing a forgotten passcode.
What is clear from this discussion is that there is no "one size fits all" solution to security on iOS devices. Sadly, multiplying the solutions for specific circumstances also multiplies the confusion. So, I will save this article because, as it is, there is no way to remember the current iOS security system. There's no way around it, security is a pain in the neck.
When I was a trainee teacher of Maths, I quickly realised that most people struggle with numbers. For example, when a Member of Parliament in Britain asks a question the Minister invariably replies with plenty of statistics to deliberately obfuscate and confuse, thus ensuring that the questioner cannot ask a _sensible_ supplementary question.
Accordingly, I am cautious about recommending a purely numeric password for anyone who isn't good at maths.
* Depending on the vehicle and country, it might be possible to use the registration number of the first car you travelled in as your passcode. In Ireland and Britain, this will be something not unlike ABC 123
* Or use a six letter word in another language.
* Use numbers in place of certain letters, e.g. if you were to use something like my first name, "Pascal", you could have 727225
* Alternatively, begin by writing PASCAL down in block capitals as on your keyboard.
The "P" is the number "9" backwards
The "A" is the number "4" simply by snipping off the left leg and sticking it on the right of the crossbar.
The "S" is the number "5" backwards
Leave the C as it is.
"A" becomes "4"
The "L" is the number "7" upside down
Now you have 945C47
Using the above example, the number keys on a computer offer:
IZEASGLBPO for 1234567890
Now you can go alphanumeric with your favourite city:
DUBLIN = DU871N
GALWAY = 647W4Y
NEW YORK = N3WY0R with the k missing
ITHACA = 1TH4C4
If you want to go weird with this, you could argue that "W" and "M" become "3" when rotated, and "N" becomes "2". Throw in a smattering or Roman numerals and "V" becomes "5" and "X" becomes "10". Aah, here.
* Or use the phone number of your first gf or bf or your parents first phone and swap a few letters for numbers.
* Or use the the postcode of someone from your past.
* Or use the Dewey Decimal of your favourite book.
Much of this applies more to passwords than to passcodes. Naturally, nothing beats a password manager
As Fathers Ted and Dougal put it outside the cinema: "Careful now"
It is fairly easy to come up with a reasonably safe, easy to remember password/passcode. If you only need one. Having to remember multiple passcodes is hard for almost everyone. Even if a person has only one device, they still will need several passwords. Worse for the memory challenged (all seven billion of us), is that most computer systems require changing the password, sooner or later. Remembering a new password, and forgetting the old one, is very hard for my parents, and many friends. A password manager is a great solution for me, and for many people. However, this, too, is beyond the capabilities of many users.
For what it’s worth, here are my current recommendations for my parents, etc, to manage the small number of critical device passwords, such as for the iPhone, iPad, and Mac. The strategy has four parts: 1) Write the passcode down on paper, and store that paper in a standard place. Write each new version down on the same piece of paper, in order. 2) Keep that piece of paper in a folder in a file cabinet. 3) Label the paper and the file folder with something other than “My password list”. 4) Include some system of personal “salt” in every password, as it is written down. For example, my father’s “salt” might be his middle name “Rex”. He will never create a passcode that contains any of these letters. But he will add at least two of these letters, perhaps repeated, to any password that he writes down. When he needs to look up a password on his list, he just skips every occurrence of the letters [r e x]. In the unlikely case that someone would find the paper and guess that it contains passcodes, they would discover that none of them work, and they won’t know how to remove the “salt”.
The time may come when even this system is too difficult for my parents. At that point, I will become an even more involved password manager for them, and I will expect a lot of phone calls.
Hi Derek, I like the 'salt' idea.
This has been an interesting discussion. I haven't embraced the two factor identification because if I am travelling I only have one device with me. My password manager works well for me but is just annoying for my wife. I will try using some of the suggested alternatives along with the password manager.