Welcome to a series of articles on basic smartphone security. Each article introduces a security practice that, when implemented, will improve your security with little effort.
This
article focuses on controlling access to your smartphone. By the end
of this article you will know how to make your phone far more
difficult for unauthorized people to unlock, protecting you and your
data.
Password Protection
Protect
your phone with a password. A 4-digit PIN is surprisingly easy to
crack. Use a password or longer PIN.
Make
your password easy to remember and easy to type with one hand. It
doesn't have to be particularly long or complicated, but a little
effort helps. As always, don't reuse passwords from elsewhere. Set
your phone to not display your password when you are entering it.
Think
a password isn't necessary? Think again. Your phone is an extension
of your life. Anyone with access to your phone has access to your
network, your photos, and your accounts.
Auto Factory Reset
Turn
on Auto Factory Reset. Protect your phone by having it wiped clean
after a specified number of failed log-in attempts.
You
know your password. You can get it right within ten tries. A thief
trying to guess will run out of chances.
Lock SIM Card
Put
a PIN lock on your SIM card. The SIM card allows your phone to
communicate with the cell tower network. Swapping the SIM card into
another phone permits you to use your credentials with that phone
(subject to confusing carrier restrictions but you can look that up
on your own).
Why
should you put a PIN lock on your SIM card? Thieves can steal the
card and thereby receive information intended for your phone – such
as account credentials used in two-factor authentication.
Things Not to Do
Do
not give an unlocked phone to someone else, unless you trust them.
This applies especially to police (show me the man and I'll show you
the crime). Think that's out there? They're coming out with a
digital driver's license
(https://www.gemalto.com/govt/traffic/digital-driver-license).
Don't do that.
Biometrics
are cool but they're also exploitable. Best not to add additional
attack vectors. Leave fingerprint and facial recognition alone.
What
do you say, fellas – anything I missed?
Comments
Post a Comment