Touch ID, Face ID, passcodes, and passwords
To use Touch ID or Face ID, the user must set up their device so that a passcode or password is required to unlock it. When Touch ID or Face ID detects a successful match, the user’s device unlocks without asking for the device passcode or password. This makes using a longer, more complex passcode or password far more practical because the user doesn’t need to enter it as frequently. Touch ID and Face ID don’t replace the user’s passcode or password, but provide easy access to the device within thoughtful boundaries and time constraints. This is important because a strong passcode or password forms the foundation for how the user’s iOS, iPadOS, macOS, or watchOS device cryptographically protects their data.
When a device passcode or password is required
Users can use their passcode or password anytime instead of Touch ID or Face ID, but there are some situations where biometrics aren’t permitted. The following security-sensitive operations always require entry of a passcode or password:
Updating the software
Erasing the device
Viewing or changing passcode settings
Installing configuration profiles
Unlocking the Security & Privacy preferences pane in System Preferences on Mac
Unlocking the Users & Groups preferences pane in System Preferences on Mac (if FileVault is turned on)
A passcode or password is also required if the device is in the following states:
The device has just been turned on or restarted.
The user has logged out of their Mac account (or has not yet logged in).
The user has not unlocked their device for more than 48 hours.
The user hasn’t used their passcode or password to unlock their device for 156 hours (six and a half days) and the user hasn’t used a biometric to unlock their device in 4 hours.
The device has received a remote lock command.
After exiting power off/Emergency SOS by pressing and holding either volume button and the sleep/wake simultaneously for 2 seconds and then pressing Cancel.
After five unsuccessful biometric match attempts (though for usability, the device might offer entering a passcode or password instead of using biometrics after a smaller number of failures).
When Touch ID or Face ID is enabled on an iPhone or iPad, the device immediately locks when the sleep/wake is pressed, and the device locks every time it goes to sleep. Touch ID and Face ID require a successful match—or optionally the passcode—at every wake.
The probability that a random person in the population could unlock a user’s iPhone, iPad, or Mac is 1 in 50,000 with Touch ID or 1 in 1,000,000 with Face ID. This probability increases with multiple enrolled fingerprints (up to 1 in 10,000 with five fingerprints) or appearances (up to 1 in 500,000 with two appearances). For additional protection, both Touch ID and Face ID allow only five unsuccessful match attempts before a passcode or password is required to obtain access to the user’s device or account. With Face ID, the probability of a false match is different for twins and siblings who look like the user and for children under the age of 13 (because their distinct facial features may not have fully developed). If the user is concerned about this, Apple recommends using a passcode to authenticate.