
Depends on the definition of "fully safe", or maybe "device". Extracting keychain secrets from an iOS device requires brute-forcing the lock screen password.

Bruteforcing the 4-digit PIN is easy "math-wise", but complicated in practice because you can't really access the data on the flash (not even dumping it, as it's fully encrypted with a hardware key), and the device will not pair to a new PC/Mac without first unlocking; so you would also need physical access to a paired PC/Mac.

For the newest devices, fingerprints can't really be bruteforced (not because of complexity, but because the hardware locks down, burning its secret after a few attempts) and Apple advises using a complex password as a fallback for the fingerprint; basically the password is the real secret for encryption, while the fingerprint hw just holds a temporary unlock secret which self-destructs if bruteforced; this is why the user is always required to enter the password after a reboot.

Of course you might still have a 0-day root exploit to use if you're NSA (or somebody with $300K to invest), and that's where I concede the "not fully safe".


