Well, yes and no, the fallback for TouchID must be handled in app and is not related to the pin you use to unlock the device.
Most app I've seen use the same 4 digit pin format, but nothing is stopping them to ask for a full password...
Also, there's a pretty good keychain API to handle encryption, and you shouldn't need to derive any key from any password to safely encrypt stuff...
For me, it's not really a problem with the TouchID implementation, but with each developer knowing what they are dealing with...
Also, there's a pretty good keychain API to handle encryption, and you shouldn't need to derive any key from any password to safely encrypt stuff...
For me, it's not really a problem with the TouchID implementation, but with each developer knowing what they are dealing with...