Open Radar

 
Current versions of iOS only allow to secure the entire OS with a passcode lock. Once unlocked all apps can be accessed. 

Because of this several app makers (including me with my iWoman app) needed to add their own passcode lock screens in their apps which have a different level of sensitivity as compared to games.

This poses several problems for the UX:

- the app-specific custom passcode screens can never be as secure as the lock provided by the system
- if such an app stores the passcode in a way that can be figured out then it is likely that the system passcode will be the same
- or if the user has a different PIN for the system and those apps then he has to remember all these
- the UI will not be consistent between the custom PIN entry screens and the system one
- in short those custom solutions are a bad workaround for a problem that should be addressed by the OS

Suggested Solution:

Add the capability of adding a passcode locks to individual apps and possibly also folders. A locked folder or app might show that code entry is required by a padlock badge. Upon tapping the icon - if it is not yet unlocked - the new system-app passcode screen will pop up and tell the user that he is now unlocking access to this app or set of apps. 

This way the user could keep all his sensitive apps in one folder, e.g. banking or stock trading apps. Also the user could then hand his device to some children who like to play games on the user's iPhone. 

An additional benefit could be that you can prevent deletion of apps or folders that are secured by a passcode lock. So the person I let play Games on it cannot remove the apps that are important to me and would be painful to having to set up again.

App- and Folder-locks could also be configured to time out after a while or not be required for a certain period after unlock.

Also this lock screen does not have to have an emergency dial option and should provide a mechanism to cancel entering of the passcode. 

It would probably be most convenient if the passcode for apps/folders has to be the same as the system one. 

Having a passcode on apps and folders could also tie into automatic data protection. As opposed to having to opt into this by the developer you could have a locked app/folder be automatically opted into file protection. The files in the app sandbox would then be unlocked only if the passcode is entered. 

Provide an API for inquiring about passcode status;

An API should be provided for apps to inquire wether there is a system- or an app-level passcode set. Ideally also with an indication as to its strength. This would be similar to how the Find my Friends app is doing it right now: if you have a passcode lock set then it does not require login on every launch.

Apps could generally adopt this practice of storing login credentials if the device or the app is secured with a passcode. This would entice people to add a passcode lock because of the convenience of not having to enter logins in all their apps.