Why can’t I set a Passcode / FaceID / TouchID with CheckRa1n Jailbreak?
CheckRa1n jailbreak is a great utility if you want to jailbreak iOS 12.0 all the way up to iOS 14.8, and it’s an unpatchable jailbreak which means Apple cannot do much about it because it is based on a powerful BootROM exploit.
However, starting with iOS 14.0 Beta 1, Apple has changed how SEP boots on A10, A10X, and A11 devices. There is now a new component called BPR (Boot Progress Register) which checks if the device was booted via USB. The BPR represents a uint32 data structure in Memory-mapped I/O. It has one bit which accounts for whether the device was booted over USB (CheckRa1n for example). SEPOS, SEP’s Operating System, checks some of the registers and sets the BPR flag if something is amiss.
If the BPR flag is set in a certain way, SEP will refuse to decrypt the user data when the device boots, which will cause the device to panic and restart.
CheckRa1n Team’s Fix
CheckRa1n uses the checkm8 exploit at its core. This is a SecureROM exploit. Very powerful, very capable exploit, but it does not give them control over SEP (Secure Enclave Processor) because that is a completely different component.
For A10 – A10X Devices (iPhone 7, iPhone 7 Plus, iPod Touch 6th, etc.)
In order to make the jailbreak work with these devices, the CheckRa1n team uses a SEP exploit called blackbird by Pangu Team. This allows them to fully control SEP and enable you to have complete SEP functionality with Passcode, TouchID, etc. It’s an elegant solution that works fine on these devices giving you a full jailbreak without compromising security.
For A11 devices (iPhone 8, iPhone 8 Plus, iPhone X)
Unfortunately, Pangu’s Blackbird exploit doesn’t seem to work for A11 devices, which means that the elegant solution presented above won’t work for these devices.
CheckRa1n team came up with an interesting strategy. They’ve added the option to Skip A11 BPR Check while jailbreaking. This is good, because it allows the jailbreak to work at all on A11, but it has a major drawback. You cannot have a Passcode / FaceID / TouchID enabled on the device if you use this method.
Considering that this is the only way checkra1n currently works for A11 devices, you’re left either not jailbreaking, or jailbreaking but disabling the passcode. For some people, this is a major security and privacy issue, while many others don’t care at all. CheckRa1n doesn’t necessarily recommend this, but it’s there if you really need it.
Additionally we added a checkbox to disable BPR checks on A11. This is not recommended and your device won’t boot with a passcode, but it’s there.
— checkra1n (@checkra1n) November 8, 2020
How To Set Passcode on iPhone 8 and X Jailbroken With CheckRa1n
Since the normal passcode, FaceID or TouchID would not work, you’re left with installing tweaks that would add such functionality. There are many such tweaks, and most of them work in similar ways, but you should keep in mind the following warning:
Tweak-based passcodes only protect you while your device is jailbroken. If the device is rebooted, it would not have any active passcodes!
That being said, it’s better to at least have a passcode while you are jailbroken than none at all. Sure, someone can easily defeat your tweak-based passcode by rebooting the phone, but people rarely do that because they don’t know it’s a tweak passcode. They think restarting the device would still ask for a passcode so they rarely do it.
Usually just having a passcode is enough of a deterrent from prying eyes. If people forcefully reboot your phone to try to bypass your passcode, you have bigger issues.
So let’s see which tweaks can be used to give you at least some passcode functionality.
Solution: Install the check4round Tweak (Free)
This tweak is available in Cydia if you add the https://plat-ykor.yourepo.com repo first. Once you finish adding the repo, you can search for check4round in Cydia and install it. If you don’t already have it, you need to install PreferenceLoader. Chances are you already have it if you have installed other tweaks.
Bill of materials in short:
- Add the https://plat-ykor.yourepo.com REPO.
- check4round tweak
After the tweak is installed, navigate to Settings and scroll down until you see check4round. Open the page. You will receive an alert with some information. Press Thank You to dismiss it. After this, you will see a couple of toggles. Do them as follows:
- Enabled -> Set to ON.
- Autolock -> Set to ON.
- Lock Respring -> Set to ON.
Then press the Set Your Password button. The default passcode is 1234. Make sure to set yours and don’t forget it.
That’s it. Now when you unlock the device it will show a textbox to input your passcode before you can use the device. This is a pretty flimsy method and does little to nothing in terms of security, but it will deter the most casual curious friends from snooping on your device.
Do keep in mind that this method does nothing to prevent your device from being connected to a computer and fully dumped. User data is not encrypted so the computer won’t wait for any passcode before showing your photos, doing backups, etc. It’s a temporary solution and should be treated as such.
Other guides from iDevice Central
- How to change Carrier name with FilzaEscaped on iOS 15.0 – 15.1.1
- How to Play Windows Games on macOS / OSX Without Emulators
- How to create a bootable Windows 10 USB Flash Drive on Mac
- iOS Downgrades: Blobs, SEP, And Baseband Explained (FutureRestore)
- iOS Jailbreak Downloads – Download Jailbreak Tools for All iOS Versions