Does iOS encrypt all the data on my device when I set a passcode to my iPhone?

Excuse my stupidity, I know less than nothing about mobile phone OSes, but I have been told that iOS encrypts your data when you set a passcode to your phone. This means even if someone stole your phone, took the storage unit out of the phone and mounted it, he will NOT be able to examine your data as it is encrypted. Something similar to what *nix OSes do when you choose to encrypt your home folder during the installation process.

My concerns are:

  • What type of data does it encrypt? It's hard to believe that my iPhone decrypts all my photos once I enter my passcode (assuming that iOS encrypted them).
  • How difficult is it to crack an encryption that is based on simple four digits?!

Yes, your iOS passcode will encrypt your phone's data.

Data protection enhances the built-in hardware encryption by protecting the hardware encryption keys with your passcode.

Source: iOS: Understanding data protection

Whilst it was generally unclear exactly what was encrypted in older versions of iOS, Apple have made it clear in their new privacy policy with regard to iOS 8:

On devices running iOS 8, your personal data such as photos, messages (including attachments), email, contacts, call history, iTunes content, notes, and reminders is placed under the protection of your passcode.

Source: https://www.apple.com/uk/privacy/government-information-requests/


In regard to your question about how hard it would be to crack, it would need to try a maximum of 10,000 passcodes to get it right, so (I think) it isn't that secure if the hard drive is removed and could be decrypted. If you are worried about security, you can set a passcode with letters - you need to turn off Simple Passcode.


Addressing: "How difficult is it to crack an encryption that is based on simple four digits?!"

This is a deeper question than you might expect, and much of the following is over-simplified to save time explaining background concepts. If you are talking about iOS 8, the answer is different than if you were talking about iOS 7 or earlier.

In iOS 7 and earlier, the phone could be imaged, and decryption of the image could be attempted on a desktop system with all 10,000 possible 4-digit PINs more or less instantaneously. Also, Apple maintained a separate key they could use to decrypt the device if served a warrant.

In iOS 8, decryption must be performed on the device, as it uses a device-specific number (that cannot be extracted from the device) in addition to your PIN for encryption; this also prevents Apple from decrypting the device under warrant, so you are protected from various three-letter organizations serving baseless warrants, as Apple has no more advantage in decrypting your device over anyone else. This requirement to perform decryption on-device significantly slows the rate of attempts. If you have "erase data after 10 failed attempts" enabled, then this further slows the process, as an attacker would have to image the phone, attempt 10 PINs on the device (with exponential backoff) and, after that run of 10, restore the device with your image.

I'm not familiar with the software that exists to perform these tasks, so I can't estimate how long it would take to try all 10,000 PINs under these circumstances; however, it is worthwhile to note that the director of the FBI and the US attorney general are throwing tantrums because of it, so presumably it is enough to make their lives more difficult.
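
An added example, not part of the original answers and not Apple's actual key derivation: a simplified Python model of the two designs contrasted in the last answer, showing why a key mixed with a device-bound secret cannot be checked from a storage image alone. The salt, device secret, passcode, iteration count and all function names are constructed for illustration.

```python
import hashlib
import hmac

SALT = b"constructed-demo-salt"             # constructed; stored alongside the data
DEVICE_UID = b"constructed-device-secret"   # stands in for the non-extractable device number
ITERATIONS = 100                            # kept tiny so the demo runs quickly

def passcode_only_key(passcode):
    """Model A: the key depends on the passcode alone, so any machine can recompute it."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), SALT, ITERATIONS)

def entangled_key(passcode, device_uid):
    """Model B: the passcode-derived value is mixed with a device-bound secret."""
    return hmac.new(device_uid, passcode_only_key(passcode), hashlib.sha256).digest()

def key_check(key):
    """Verifier stored in the image; stands in for 'the data decrypted correctly'."""
    return hmac.new(key, b"key-check", hashlib.sha256).digest()

def search_off_device(stored_check, derive):
    """Walk the whole 4-digit space using only what a storage image contains."""
    for n in range(10_000):
        guess = f"{n:04d}"
        if hmac.compare_digest(key_check(derive(guess)), stored_check):
            return guess
    return None

def passcode_space(alphabet_size, length):
    """Number of candidate passcodes for a given alphabet and length."""
    return alphabet_size ** length

def demo():
    passcode = "4821"  # constructed passcode
    image_a = key_check(passcode_only_key(passcode))
    image_b = key_check(entangled_key(passcode, DEVICE_UID))
    # Off the device, SALT and the image are known but DEVICE_UID is not,
    # so the Model B derivation can only be run with a placeholder secret.
    unknown_uid = b"\x00" * 32
    found_a = search_off_device(image_a, passcode_only_key)
    found_b = search_off_device(image_b, lambda p: entangled_key(p, unknown_uid))
    return found_a, found_b

if __name__ == "__main__":
    a, b = demo()
    print("Model A (passcode only), recovered off-device:", a)
    print("Model B (device-entangled), recovered off-device:", b)
    print("4-digit space:", passcode_space(10, 4))
    print("6-char lowercase+digit space:", passcode_space(36, 6))
```

In Model B every guess has to be evaluated where the device secret lives, which is what lets the device enforce its own delays and attempt limits; a longer alphanumeric passcode then multiplies the number of those slow, on-device attempts.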