Hector Martin

(Crap now I have to change my passcode.)

In all seriousness, if you’re using the alphanumeric option to pick a *non-random* passcode (as most people do) then it’s much harder to tell how much password strength you’re getting. Some, a lot. Some less than they think.

In practice (given the apparent limitations of current iOS attacks) it’s probably fine to use an alphanumeric passcode. It may be very secure. The real question is whether it’s worth the hassle of using the non-numeric keypad.

So in summary: random (long) numeric passcodes may be a more ergonomic choice for a given security level, especially if you force yourself to memorize the thing over a week or two (even if that involves carrying a post-it during that time.) But do whatever works for you.

Honestly, this is why I still prefer a (rooted) Android phone where you can set a long FDE passphrase and a simpler unlock passphrase. If you shut the thing down the key material is gone unless you can crack a long scrypted passphrase.

I understand the trade-offs Apple is making with their more complex security implementation (and Android is moving in that direction with file-based crypto) but I'd rather have a much simpler to analyze FDE approach.

The problem with FDE iirc was that for the phone to operate, keys must be in memory (so that binaries can be decrypted). The file based approach allow cleartext keys for non-essential files to be wiped from memory when the device is locked and to be encrypted with the passcode*

The OS is not encrypted, so the phone can boot and you can make emergency calls. However, to unlock the data partition (and thus boot the rest of the Android framework including all your user data) you need to type in your passphrase. This is a trade-off I'm willing to make.