Passwords are not secure on iPhones that are lost. This is the result of tests carried out at Fraunhofer Institute SIT in Darmstadt. Within six minutes the institute's staff was able to render the iPhone's encryption void and decipher many passwords stored on it. If the iPhone is used for business purposes then the company's network security may be at risk as well. The flawed security design affects all iPhone and iPad devices containing the latest firmware. Written documentation and a video about the attack are available below.

http://www.sit.fraunhofer.de/en/forschungsbereiche/projekte/Lost_iPhone.jsp

It's sort of like a PC or Laptop in a way. If you have physical possession of the hardware then it's not that hard to get in on most operating systems. That doesn't surprise me too much. I wish there were more ways to encrypt mobile devices. I've got TrueCrypt on my laptops and netbooks at least. Is there anything like that for iOS devices?