You trust all your important personal info is secure on your phone because you make it a habit to lock your device. This keeps your credit card and banking details, work files and other private data out of the hands of hackers and cybercriminals … Or does it?
Stop for a moment and consider how you lock your smartphone. Do you secure it with biometrics like facial recognition or your fingerprint? Or do you opt for traditional methods such as a PIN or password? Most people aren’t very good at creating hard-to-crack passwords. Tap or click for 5 rules you should use next time you’re creating one.
Depending on your chosen method, the way you secure your phone might be ineffective or even unsafe. So, what’s the most secure way to lock your smartphone? Let’s find out.
Look at that face
Facial recognition made its way to smartphones in 2016 with the Galaxy Note 7. Apple introduced Face ID with the iPhone X, which came out the next year.
This feature is all about convenience. Software scans your features to identify and verify your identity. One glance and your device is unlocked — no need to fuss with PINs or passwords.
Now, odds are slim someone else can use Face ID to unlock your iPhone, at least according to Apple. The company says there’s a 1-in-1-million chance a random person could unlock your phone or iPad using the facial recognition system. The odds get a lot better if you’ve got an identical twin or a sibling or other relative who looks like you.
Things haven’t been so smooth for Google and its Pixel 4. Last month, early adopters discovered a flaw that makes it easy for anyone with physical access to your phone to unlock it. Tap or click to find out how it works.
Here are a few other situations where using facial recognition to secure your phone gets tricky:
- Someone forces you to log into your device by making you look at your phone.
- Law enforcement legally compels you to unlock your mobile device. Can police make you unlock your phone? It depends.
- A photo, mask and even a baseball cap are purportedly able to fool facial recognition software.
A lasting impression
Like Face ID, fingerprint authentication is a quick and convenient way to unlock your phone. Just pick it up and place your finger over the sensor. Here are a few reasons you may want to use your fingerprint to lock your device:
- No two fingers have identical characteristics, so there’s little chance of false positives.
- It’s quick. Scanners take just a moment to identify or reject a fingerprint.
- Unlike a password, you can’t lose or share your fingerprint.
- Fingerprints are stored as encrypted mathematical representations, not as images. This makes them difficult to hack.
Finger authentication has many advantages, but it’s not foolproof — especially for someone who has physical access to you and your phone. There are stories of kids using a sleeping parent’s fingerprint to unlock a device, like a 6-year-old who went on an expensive shopping spree in 2016. And depending on your fingerprint scanner, they can be finicky to use.
Some reports suggest a fingerprint left on an item such as a cup can be used to deceive fingerprint scanners. Mobile security experts even warn replicating a fingerprint may only require a camera and printer. Tap or click here to learn how you can sign in to Google services with just your fingerprint.
Despite advances in technology, tried-and-true methods like PINs, passcodes and passwords are still some of the most common for securing smartphones.
Many users find these forms of security handy as they can use a similar PIN or password across many sites, accounts and devices. Smartphone users also tend to create PINs or passwords that are easy to remember, such as a birthday, address, username or other special date.
Weak passwords make users, and online data, vulnerable. Click or tap to learn why we may not need passwords in the future.
What makes this type of authentication convenient is also what makes it most susceptible to hackers. Cybercriminals know people create passwords from basic words or phrases and that they use identical passwords across the internet. Plus, PINs and passwords can be forgotten or stolen or even decoded with devices like GrayKey.
Make it a combo
While each method of securing your phone has its own set of weaknesses, stats show about a quarter of mobile device users don’t use any security technique at all. So, if you utilize any of the above procedures, you’re already a step ahead of those who take no precaution.
For the best protection, though, don’t rely on just one method. Use a combination of biometrics and PINs, passcodes or passwords to provide an extra layer of security in case one fails or is compromised. Setting up two-factor authentication for your accounts also goes a long way in protecting you. Tap or click to learn how 2FA works.
When creating a password or PIN for two-factor authentication or just to lock your phone, it’s crucial you follow a few guidelines:
- Do not create a password or PIN with all the same letters or digits.
- Use letters, numbers and special characters whenever you can.
- Make your passcode longer than four digits if possible. The longer, the better.
- Do not use easy-to-guess information like your birthday, name or address.
If you’re concerned about remembering longer and more complex passcodes and PINs, it may help to store them in a password manager such as RoboForm Everywhere.
Although using multiple forms of security requires a bit more effort than relying just a single technique, it does safeguard against their individual weaknesses. This ensures your device, and your data, are protected.