Is the message "You must change your passcode within 60 minutes" valid / non-malware?
A few minutes ago, after unlocking my phone (iPhone 4, iOS 7.0.1) I got a dialog over the home screen:
Passcode Requirement
You must change your passcode within 60 minutes
and it offered to let me do so. I canceled. I've never seen this dialog before and I am worried it may be a sign of malware fishing for my passcode. Even on iOS 9.1, this dialog still happens:
There is very little on Google about this message, but what there is is:
- Someone else worried it may be malware, with no definitive answer (just "it can't be malware if it is not jailbroken", which is not true)
- Someone suggesting the passcode may be "too common" (IMO, unlikely for mine.)
- In both the above, a suggestion it may be related to a network profile, which I do not and never have had.
I changed my passcode manually, but am still worried about the source of the dialog and why it appeared. Is there a definitive answer?
This message is the case when either:
- Your device is enrolled under MDM and after deployment it will display something like image below.(https://www.apple.com/iphone/business/it/management.html)
- Your passcode is too obvious and needs to be changed
- Microsoft Exchange can force a passcode on your iPhone.
Obvious codes start with the following numbers:
- 196*
- 197*
- 198*
- 199*
- 200*
- 201*
But also include:
- 1234
- 0000 (or any 4 same number combination)
- 0001 or 0010 or 0100 or 1000 (or any number with this pattern)
- 1379
- 2580
- 2468
Go to Settings app > General > Profiles
- Delete any configuration profile that you don't want to keep, then delete any that control passcode.
- If Profiles is not near the end of the list (below VPN and above Reset >) then you may have no profiles and can continue to the next step.
Next, go to Settings app -> Passcode
- enter your passcode, turn passcode off, then set it up again
Lastly, Exchange servers can institute a passcode requirement, so you might disable any Exchange mail accounts - temporarily removing them from the device to see if the Exchange server was sending the message or setting any requirements. I don't know if this sets a profile or not, but will edit things if I can find a reference to how this works in practice.
You can choose your same pin again, but the OS will likely want to keep reminding you that a change is required until you clear the "warning". Enough people have reported that just "changing" the passcode doesn't work that something must be up.
If you have jailbroken the device, I might consider rolling back to a stock iOS for a bit and choosing an entirely more complicated passphrase for a while just in case it is some phishing attempt. Just because this is considered to be very unlikely doesn't make it impossible.
I had this problem tonight too. I "bit" before I thought it being malware, but it doesn't seem to have been malware. I changed my PIN and the phone reset, then the new PIN worked. BUT... the phone immediately asked for me to change the PIN again... now I was thinking Malware. I kept changing the PIN and it kept asking me to do it again. I used the tip earlier in this thread about too simple of a PIN and tried a 9 digit PIN and that worked, the message didn't return. Funny thing is that after, I was able to go into settings and set the PIN back to the 4 digit PIN that I had originally, no further messages.... yet.