Can they actually force you to unlock your phone?
Your passcode is closer to a formality than a wall; here is what the law actually allows at borders and under duress, and the one option most people miss.
Most people assume their passcode is a wall. It is closer to a formality.
In a surprising number of situations, someone can make you type it in, and saying no carries a real cost.
What the law actually allows
It depends on where you are and who is asking.
At the US border, agents can search your phone without a warrant under the border search exception, and they do it tens of thousands of times a year. There is a wrinkle worth knowing. US courts have often, though not uniformly, treated a passcode as testimonial and therefore harder to compel, while a fingerprint or a face scan is not, because it can simply be applied to you. Counterintuitively, the phone that opens with a PIN can sit on stronger legal ground than the one that opens with your face.
Elsewhere, the wall is thinner. In the UK, a court order under the Regulation of Investigatory Powers Act can compel you to hand over your password, and refusing can be a criminal offence carrying up to 2 years' imprisonment. Several other countries do the same in practice. "I know my rights" is a weaker shield here than people assume.
The maximum prison sentence in the UK for refusing a court order to hand over your password under RIPA.
When it is not the law, it is a person
The law is only half of it. A mugger who filmed you as you typed your PIN. A kidnapper. A controlling partner who insists on "just checking." A border officer who is technically only asking. The legal theory does not matter in any of these. What matters is that you are being made to open the one device that holds your whole life, and there is no referee in the room.
Why the usual answers fail
Refuse, and you invite consequences: a seized device, denied entry, sometimes a charge. Hand over an unlocked phone, and you expose everything at once. Show up wiped or empty, and that itself reads as hiding. Trigger a panic wipe in front of someone, and you have proven you destroyed something while they are still standing there.
Every one of these leaves you worse off. You look suspicious, you lose the device, or you give up your whole life.
There is a fourth option
The path that is not on that list: hand over a phone that is genuinely complete and ordinary, with the private part not visible and not provable to exist.
That is the gap DeniableOS closes. It runs two environments on one phone, behind three PINs and a single lock screen. Your public PIN opens the ordinary phone you live on. A hidden PIN opens a separate space whose data cannot be distinguished from unused storage. And a duress PIN covers the worst case: it opens the public side as a normal unlock while the hidden space is erased quietly in the background. Nobody watching sees a wipe. They see a working phone and a person cooperating.
You cooperate, and there is nothing unusual for anyone to find, and nothing to prove that it was ever there.

This is about the routine stop and the everyday search, the situation almost everyone actually faces. It is not a shield against a targeted investigation by people who already suspect you specifically and have held your device for weeks. A serious tool is worth more than a false promise, so it is worth being clear about that line.
Who ends up needing this
A traveller who does not want a stranger scrolling through family photos at a checkpoint. A founder who has access to real money. A journalist protecting a source. Someone leaving an abusive relationship whose partner demands to see their phone. For each of them, one unlock can expose everything, and "I would rather not" is not always safe to say.
Two phones. One device. Zero evidence.
See how a hidden, deniable environment protects what matters, even when you are forced to unlock.
FAQ
Can they really make me unlock it?
In many places and situations, yes. At the US border, they can search without a warrant. In the UK, a court order can compel you to provide your password, and refusal can be a crime. And a robber does not care about the law at all.
Is a passcode safer than Face ID?
At a checkpoint, often yes. US courts have generally treated a passcode as testimonial and harder to compel than a fingerprint or face scan, which can be applied to you physically. If forced unlock is a worry, a PIN is the safer choice.
How does a hidden environment help?
You unlock a real, complete phone, so cooperation looks natural, while the private side is not visible and cannot be browsed or proven to exist.
Sources
- EFF, border device searches and your rights: eff.org
- US border device searches, guidance and record numbers: security.ucop.edu
- UK compelled password disclosure (RIPA): reeds.co.uk
More to read

They came for the person, not the wallet
The smart attacker skips the cryptography and goes straight for you; here is why a hardware wallet does not cover a $5 wrench attack, and what does.

GrapheneOS vs DeniableOS: which one survives a forced unlock?
GrapheneOS is the best hardening base and DeniableOS is built on it; at the forced-unlock moment a duress wipe proves you hid something while a deniable unlock proves nothing.
They asked for my phone at the border. What now?
At many borders, an officer can make you unlock your phone, and saying no has real consequences. Here are your actual options, and the one most people don't know about.