iPad Air Odd behavior when powering off/on wrt. passcode

[OldCorpse]

I have the iPad Air 3, and am on iPadOS 14.3.

Here’s what I find strange. When I power off the iPad completely, and then some time later I power it back on, the black screen comes on, and asks for my passcode with the message that when the device is powered on, you must put in a passcode. Fine.

So I go ahead and start putting in my passcode - it’s pretty long at 18 alphanumeric characters - before I manage to put in the whole passcode, the input field vanishes and the whole screen goes black. And that’s the way it stays. Now, if I at that point press the home button, it takes me to my desktop - completely ignoring that I was supposed to put in my passcode AFTER BEING POWERED OFF - and I have to press the home button again to bring back the passcode field and then I put in my passcode and then it unlocks the iPad.

Isn’t that strange behavior?

It used to be on my iPhone and iPad, back on I think os 13 or so, that when you powered the device back on after having it powered off, it would demand a passcode and you could put it in, it waited, it NEVER on its own went black in the middle of this process and then took you to your desktop when you pressed the home button! This is bizarre!

In fact, it is behaving as if I NEVER POWERED OFF, it’s behaving as it does when the screen goes dark after a period of inactivity and then you need to input your passcode to unlock it again - so like “waking” it, but not like after having it powered off!

Anyone else see this? What does this mean? Does it mean the security is compromised as usually the highest level of security is when it is FIRST powered back on after being powered off. Any ideas? Thanks in advance!

 

[DeltaMac]

You said that even though it shows the desktop (I guess you mean the home screen), it is not yet unlocked, and you still have to completely enter your passcode before it unlocks -- unless I am missing something, how would that be a security issue (it's not unlocked until you complete the passcode) (?)

 

[0128672]

In addition to what DeltaMac asked, when you say that it goes to the home screen, is it the locked home screen or are you able to see apps?

 

[OldCorpse]

Yes, it’s the desktop without apps, and yes, I still need to enter the passcode.

But, like I explained - ordinarily (at least in the past), when you POWERED OFF, you had to put in the passcode with a black screen NOT, NOT, repeat NOT the desktop screen! And why does it first ask for the passcode and then NOT LET YOU PUT IT IN, before going blank and making you hit the home button and ONLY THEN asking for a passcode - sounds like a bug!!

As to how it is a security issue - read a recent article (see front page from a couple of days ago), where they distinguish from inputting a passcode AFTER HAVING POWERED OFF, which is HIGH security, to having to put in passcode only when the screen went to sleep, or you switched off but did NOT power off... that is low security and easily broken into.

My point - does anyone else see this behavior, which is NEW in my experience after coming from iPadOS 13.

 

[Apple_Robert]

The problem with the screen going black when trying to enter your passcode is due to the passcode, as to length or some combination of characters that is triggering the bug. I have encountered that problem a few times when attempting to enter a complex passcode on my phone or iPad. I highly suggest you reduce the character length first. If you go to 12 characters and the black screen is still being triggered, then you know it is due to one of the character combinations you are using that is triggering the bug. That should resolve your problem.

 

[OldCorpse]

Thanks, Apple_Robert, I guess I’ll just live with it, as shortening or simplifying the passcode defeats the purpose - why make the device insecure? It’s just dismaying that a bug like that exists at all... what does it say about the Apple security and privacy engineers when an ordinary user - by no means a hacker - can trigger absurd bugs in such a fundamental feature. Oh well.

 

[OldCorpse]

Oh, one important fact! My iPhone on iOS14, doesn’t do that. It behaves normally. After restarting, it demands a passcode and stays on the black screen until you input it and hit enter. Definitely a bug on iPadOS 14.3!

 

[mikiee]

Thanks, Apple_Robert, I guess I’ll just live with it, as shortening or simplifying the passcode defeats the purpose - why make the device insecure? It’s just dismaying that a bug like that exists at all... what does it say about the Apple security and privacy engineers when an ordinary user - by no means a hacker - can trigger absurd bugs in such a fundamental feature. Oh well.

Isn't there a setting whereby the device is completely erased if someone enters the wrong passcode 10 times? There is on my iPad 8. If you have a 12 character password, and someone can guess that in 10 tries, then we're all f'd.

 

[OldCorpse]

Sure, there’s such a setting, but it’s completely irrelevant, as it stops only casual snoops, like a kid or such. Actual hackers or more serious intruders have ways of totally bypassing this limitation. They use gizmos which can do unlimited “tries”, and are only defeated by complex passcodes of at least 12 characters. Just one example of many:

Grayshift - Wikipedia

en.wikipedia.org

Russian hackers are not going to be stopped by these silly settings. Only serious passcodes stand a fighting chance. Which is why these bonehead bugs are so disappointing from Apple.

Stay safe - use proper passcodes. In this day and age, it’s imperative.

 

[AutomaticApple]

Yes, it’s the desktop without apps

Only your wallpaper will show?

 

[OldCorpse]

Yes, only wallpaper. Btw. I don’t think it’s the length or complexity of the passcode that triggers this bug, because it happens by the time I’ve put in only 5 characters of nothing exotic.

 

[ckoerner]

@OldCorpse, do you live in a situation where a shorter password is a serious risk? Could you try using a shorter password for say just a day to help troubleshoot the bug?

 

[OldCorpse]

See my post above. A shorter passcode doesn’t troubleshoot the bug. It’s triggered already by the fifth character... l think about 99.999% of users use passcodes that are at least 5 characters!

 

[secretk]

I think that this might be a bug but I would not consider it security bug, just a bug. It seems that iPadOS has two behaviors. The first one is right after powering on the iPad and it shows black screen. The second one is an attempt to unlock the iPad and it shows blurred background. In both cases it asks you to enter the passcode to be able to access the iPad. Btw I do not think that it is about the security code length. And even if it was, it if was above 5 symbols and I assume most people use at least 6 than it happens for everyone.

Now as to why it is not security bug - because no sensitive data is shown. If hackers can hack your passcode, it does not matter if it is black screen or blurred desktop. They will do it either way. The only reason I would consider it security bug would be if the checks on iOS are different and if you say enter 5 times wrong passcode with black screen, your device is erased, but when it is lock screen it is say 50. Then yes, this is a security bug. If the behavior in terms of device erasure is the same however I would treat it as a normal bug.

P.S: There was annoying security bug in iOS 12 however. Not sure if this is still the case as I tweaked my settings. For some weird reason it would show you notifications even if you have not unlocked your device. That IMO is a security issue and should not even be allowed. Problem is this setting was (at least then) on by default and the default behavior was vulnerable. I had to specifically read about this vulnerability and remove it.

 

[OldCorpse]

I think that this might be a bug but I would not consider it security bug, just a bug.

You might be right. But um... read on!

Now as to why it is not security bug - because no sensitive data is shown. If hackers can hack your passcode, it does not matter if it is black screen or blurred desktop. They will do it either way. The only reason I would consider it security bug would be if the checks on iOS are different and if you say enter 5 times wrong passcode with black screen, your device is erased, but when it is lock screen it is say 50. Then yes, this is a security bug. If the behavior in terms of device erasure is the same however I would treat it as a normal bug.

Yeah, this is where we don’t see eye to eye. The security bug is NOT because of “no sensitive data is shown”. It is an entirely different problem, which is a completely different state of the device BFU (Before First Unlock) and AFU (After First Unlock). It has nothing to do with what you can see on the screen. It has to do with level of protection that Apple applies - in BFU, it applies something called Complete Protection that does not happen in AFU it is explained in this article (which also was featured on Macrumors):

https://9to5mac.com/2021/01/14/johns-hopkins-ios-vulnerabilities/

Quote:

When data is in the Complete Protection state, the keys to decrypt it are stored deep within the operating system and encrypted themselves. But once you unlock your device the first time after reboot, lots of encryption keys start getting stored in quick access memory, even while the phone is locked. At this point an attacker could find and exploit certain types of security vulnerabilities in iOS to grab encryption keys that are accessible in memory and decrypt big chunks of data from the phone.

The rest of the article is also well-worth reading. In any case, the point is not, NOT that you can see something on the screen, the problem is that hackers can get into your device with ease in case of AFU, but not with BFU. That’s why I was so struck by the problem of what happens when I FIRST POWER ON my iPad - it is NOT being protected with Complete Protection, because the bug takes it directly to a state of AFU! In other words, you see the wallpaper because it’s as if you’re merely ”waking up” the device with the passcode, and not RESTARTING with a passcode. That’s a very, very serious bug.

Again, I don’t know if that’s what’s happening, but it is extremely concerning that while the iPad demands a passcode upon first powering on, it doesn’t NEED IT, it IGNORES IT, and takes you directly to the desktop wallpaper as if you’re now in AFU, i.e. NOT in Complete Protection.

THAT is the issue. It means that THERE IS NO WAY TO ACHIEVE COMPLETE PROTECTION by powering off, as you can on the iPhone. Your iPad is permanently insecure. And that, friends is an extremely serious bug. Your iPad is NOT protected, except against script kiddies and low level casual snoops and THERE IS NO WAY TO PROTECT IT, PERIOD! Your privacy and information integrity is severely compromised - unacceptable!

 

[DeltaMac]

Have you tried a full restore of your iPad?

 

[OldCorpse]

FWIW, the bug is still there in iPasOS14.4. I updated yesterday.

No restore, as I have stuff on here I don’t want to lose, and I don’t have a backup anywhere (I’m not using iCloud with this device).

 

[DeltaMac]

"bug"? ... or some kind of settings corruption on only your iPad?

You are not required to use iCloud for a device backup. I have done a full restore on various Apple devices, and never use iCloud for the backup. You have the choice to do an iCloud backup, or local backup (either iTunes, or Finder on systems since Catalina). Back up in Windows would also be either iCloud, or iTunes -- your choice.

Updating your system is NOT the same as a full restore. If there is some kind of corruption in the settings, an update may or may not fix that kind of issue. Maybe a full restore it won't help your issue, but at least you will know that helps (or does not change your situation at all)
Consider using a shorter passcode when you do that restore. If that works as you expect, then return to your longer passcode. If you try a 6 character passcode, and you STILL get your active background at 5 characters, even after a restore, maybe AppleCare would be a good next step for help.
I have not found another report with a similar experience. I can't say that there are no reports, only that I have not seen others. Have you found any other reports of a problem like yours?