Your Smartphone Passcode Should Be Six Numbers Long (Or Longer)

Many of us open our smartphones these days with a fingerprint or a face scan. But if those fail, or we don’t want to use biometric authentication, we rely on phone passcodes. While the default four-digit code is convenient to enter, it’s not as secure as a longer code. Here’s why.

The answer to this security question lies in simple math. A four-digit code contains 10,000 possible combinations, ranging from 0000 through 9999. That might sound like a lot, but consider this: Add just two more numbers—forming a a six-digit passcode—and that number jumps to 100,000 possible combinations (000000 through 999999).

By just taking the extra millisecond to enter two more numbers when unlocking your iPhone or Android, you add an additional 90,000 combinations between your information and a would-be intruder. That’s not a bad trade.

However, that’s still not as secure as you can make your smartphone passcode. If you really want to protect your phone, and the data stored inside, you could try an alphanumeric passcode—essentially, a password. Rather than four or six numerical digits, you could use a password as you would for any other device or account. A strong and unique password turns your iPhone or Android passcode from a guessing game into an unbreakable device.

It’s not particularly convenient, of course: Your passcode is frequently required, and tapping out a password full of uppercase and lowercase letters, numbers, and special characters will get old fast. That’s why we recommend the six-digit numbers: More convenient than alphanumeric password, but much more secure than the four-digit option.

But, please, whatever you do, don’t make your passcode all zeros (or 123456, for that matter).