Black, red, and white ankara wax cloth print shows a lock and a key in ornate frames.

Lock Your Digital Door

Gus Andrews
6 min readMay 15, 2020

I originally wrote this security advice piece for Tactical Tech’s Data Detox Kit; it’s adapted here with permission and thanks.

Although it may seem like taking care of your digital life is something that only happens online — in your email, the cloud, or a cell phone tower someplace — protecting the devices you hold in your hands is just as important. What could someone learn about you if they had access to your phone or computer? What could they do with your files, contacts list, social media profile, or financial account? What would happen if someone locked you out of those accounts?

Screen locks — that is, the password, pattern, fingerprint, or face ID you use to access your device — are some of your best defenses against someone who has your smartphone, tablet or other device in their hands. And this doesn’t just mean a thief or the police — it could be your partner, family member, roommate or co-worker.

Having any lock on your device gives you more protection than no lock at all. And just like the different types of locks you might put on your doors, some screen locks are stronger than others.

Let’s talk about small steps you can take towards making sure your devices are secure.

Screen locks: the password, pattern, fingerprint, or face ID you use to access your device are some of your best defenses against someone who might want to get into your device. But there are lots of different kinds out there and it might be hard to know which one is right for you.

Having any lock on your phone, tablet, or computer gives you more protection than no lock at all. And just like the different types of locks you might put on your doors, some screen locks are stronger than others.

Of all the locks out there, long, unique passwords are the strongest. That means if you unlock your device with a password, it should include letters, numbers, and special characters.

Learn more about how much security each kind of screen lock offers, and pick the one that’s right for you.

Password lock

It might surprise you, but eight-character-or-longer passwords with letters, numbers, and special characters are more or less the most secure way to lock your computer or phone.

That is, provided you don’t re-use passwords, don’t use password patterns which are easy to guess (sorry, 1234qwerty!), and don’t use common names, dictionary words, dates, etc. which may be on password lists circulated by hackers. And don’t share the password with others.

Fingerprint lock and iris scan

These are a little bit more secure than voice or face recognition. With fingerprint lock, someone would most likely have to make you touch your device to unlock it.

Faked fingerprints and iris scans are possible to make, but someone would need close access to you to pull them off. Still, someone who is really motivated to break into your device might pull this off more easily than guessing a strong password.

Non-technical break-ins using fingerprints are much more common than high-tech fingerprint faking. There have been instances where kids have touched their sleeping parents’ fingers to their phones to buy things they wanted.

If you’re going to use a fingerprint lock, there are ways to make it a little harder for someone to break in. For one thing, don’t register all of your fingerprints, just one or two.

Number (PIN) lock

Any PIN which is a non-random sequence of numbers (like 12345678 or 9999) is going to get guessed quickly. So are numbers based on phone numbers, birthdays or other dates. Be sure not to use numbers from your other IDs!

How secure these locks are depends on how many numbers are in the PIN, and what PIN you choose. As is always the case with passwords, longer is better. A four-digit PIN takes less time to guess than an eight-digit PIN.

Pattern lock

The kind of lock which requires you to draw a pattern between dots is both easy to guess and easy to see, so it’s not so secure. Many people use the same patterns, so just guessing at the pattern can let someone in. There have even been demonstrations of how someone can copy the pattern by looking at your finger grease on the screen!

If you’re going to use this kind of lock, make it more secure from people looking over your shoulder at your phone. Check your settings for pattern lock and turn off “Make pattern visible,” so the lines which show your pattern don’t appear on screen. And consider using a longer pattern — say, eight dots instead of four.

Voice or FaceID (face unlock)

Voice unlock and face recognition are ultimately all about making it easier to get into your device, not harder.

It’s relatively easy for someone to record your voice and use it to unlock your device.

Face unlock is especially risky for those facing domestic partner abuse, traveling across borders or those regularly targeted by the police, as it’s not hard to force you to look at your device.

Swipe lock

This kind of lock is just there to keep your smartphone from unlocking in your bag or pocket and accidentally triggering something on the screen — it’s not for security!

For tips on generating better passwords, check out this article.

Decide what’s right for you

We all need to make our own decisions when it comes to the security of our devices, based on what we know about the daily risks around us.

If you have your hands full a lot of the time with kids, pets, or other daily responsibilities, and you’re not worried about a mischievous or malevolent person in your life breaking into your device, a voice or face lock might provide the convenience you need while providing more security than a swipe lock.

A couple things to think about as you consider which lock to use:

  • How often do you leave your device unattended and out of your control? (The longer it’s out of your control, the more time someone has to get into it.)
  • Could someone easily look over your shoulder while you’re unlocking your device?
  • Do you need to share a device with other people?
  • Do you often forget or lose your device?
  • Are there factors which make it hard for you to use your hands?
  • Is someone likely to physically force you to unlock your device?

A little change can go a long way towards making your devices safer.

Let’s say you’re using a basic swipe to open your phone. You can slowly bump up your security by setting up a long password. Or do you use a pattern lock now? How about making your pattern longer? Use 1234 as your PIN? How about rolling some dice seven times and memorizing that PIN instead?

Set It Up

Now that you’re ready to lock your screen, you’ll need to find the setting on your phone, tablet, or computer.

On your phone or tablet:

iOS:

  • On iPhone X and later, go to SettingsFace ID & Passcode.
  • On earlier iPhone models, go to Touch ID & Passcode.
  • On devices without Touch ID, go to SettingsPasscode.

Android:

  • Settings
  • Screen lock and passwords
  • Select the lock you prefer and continue to set it up

Depending on the model and operating system, the setting may be in a different place, so be sure to look around, and if needed, do a web search for guidance. The instructions for computers vary per operating system, so also be sure to do a web search for clear steps.

And given you may share your devices with others in your life, talk with them about why you’re making your devices more secure. Consider sharing this article! Every security decision we make protects our work, homes and families, too.

For more digital security advice, check out Keep Calm and Log On.

--

--

Gus Andrews
Gus Andrews

Written by Gus Andrews

Researcher, educator, and speaker on human factors in tech. My policy work has been relied on by the EFF and US State Department. Author of keepcalmlogon.com

No responses yet