No doubt you have heard about the importance of antivirus, updating apps, browsers, operating systems, etc. These are all important and are not to be ignored. However, it's not often that there is as much emphasis on securing your actual device, not in my experience anyway. It is a curious thing to wonder whether people secure their devices with passwords, a pin, or some form of biometric because they are prompted to do so by their device or whether they appreciate the need. Are biometrics (fingerprint or facial recognition) used as they are often faster and more convenient than remembering a long-winded password? Or do people deploy them for their security benefits alongside convenience? Whatever the reason, it is important to secure your device, whether that be your smartphone, tablet, or laptop etc and to understand the reasons why. As technology has advanced, so has our reliance on it, our devices have become extensions of ourselves. They hold our most personal information, from financial details to cherished memories, making device security a paramount concern.
Furthermore, these powerful little devices help us to carry out many of our daily tasks. Even still, it is quite often I hear people say "oh I barley use my phone" but then when it’s out of action they feel lost, realising the importance of this taken-for-granted device. I appreciate that not all people feel like that, and I am fully aware of my reliance on tech. Whichever side of the fence you sit on, it's important to secure your device. That, however, is not the whole picture. You also need to be aware of your surroundings as you never know when someone is lurking, waiting to see what information they can obtain from you.
In this article, we'll explore the significance of securing your device and different methods of doing so in addition to the dangers of ‘shoulder surfing’ which will be explained later on:
PINs - A First Line of Defence
Personal Identification Numbers (PINs) are typically four to six-digit codes that provide quick access to your device. Although they may seem simplistic, they serve as a crucial initial barrier against unauthorized access as, without one, anyone who somehow obtains your device can instantly gain access to it and the content it contains. Pins also have the following benefits:
1. Ease of Use: PINs are easy to remember and quick to input, making them user-friendly while still offering a reasonable level of security.
2. Protection from Casual Intruders: For someone attempting to gain unauthorized access to your device in a public setting, such as a café or subway, a PIN can be a significant deterrent.
3. Resistance to Shoulder Surfing: Since PINs require the user to input a sequence of numbers, they are less vulnerable to shoulder surfing than longer passwords.
Important note: Try not to use easily guessable pins such as your year of birth or sequential numbers like 1234. Additionally try using at least a 6-digit pin, the longer the pin the harder it is to guess.
Passwords - Adding Complexity
Passwords are more complex than PINs, typically consisting of a combination of letters, numbers, and symbols, with guidance to make passwords at least 12 characters long and consider using three random words as recommended by the National Cyber Security Center (NCSC). Here's why they're a crucial component of device security:
1. High Security: Longer and more complex passwords offer a higher degree of security, protecting your device against more determined attackers.
2. Securing Online Accounts: Passwords often double as keys to our online accounts. A strong, unique password for each account helps prevent unauthorized access to your personal data.
3. Mitigating Shoulder Surfing: While passwords are more complex to crack, they still require vigilance against shoulder surfing. Typing passwords in crowded places or in the presence of prying eyes should be avoided.
Patterns – Another Option:
1. Security: Patterns are a secure way to protect your device. They require a specific sequence of swipes, making it harder for unauthorized users to access your data.
2. Convenience: Patterns are easy to set up and use. You can unlock your device quickly with a pattern you've memorized.
3. Customization: You can create a unique pattern that suits your preferences, adding a personal touch to your device's security.
4. Faster Access: Unlocking with a pattern is often faster than entering a PIN or password, making it more convenient for everyday use whilst still offering a layer of security.
5. Visual Recognition: Patterns are visually intuitive and can be easier to remember than complex passwords.
6. Temporary Access: You can share your device temporarily with someone by showing them the pattern without revealing your password.
Patterns can help mitigate shoulder surfing, a situation where someone tries to gain unauthorized access to your device by observing your actions due to their complexity, invisible input, and the speed at which they can be input especially once memorised. Even so, vigilance is key.
Biometrics - A Cutting-Edge Shield
Another form of protection you can use, often in conjunction with a pin or password is biometrics. Biometrics are some of the latest advancements in device security, involving unique physical or behavioural characteristics for identification. Common biometric methods include fingerprint recognition, facial recognition, and even iris scanning. The benefits of biometrics include:
1. Uniqueness: Biometrics are nearly impossible to replicate, as they rely on unique biological features, offering an exceptionally high level of security.
2. Convenience: They provide a seamless user experience, eliminating the need to remember PINs or complex passwords.
3. Shoulder Surfing Resistance: Biometric authentication methods, such as facial recognition, are less susceptible to shoulder surfing, as they often require a deliberate interaction from the user.
I have mentioned shoulder surfing a few times now, so what is it? Now we have talked about protecting your devices, its important to give a mention to some basic behaviours, to protect against a rather simple but still dangerous form of social engineering, namely, shoulder surfing.
Shoulder surfing is a form of social engineering (please refer to my blog post on social engineering for more information) where an attacker observes your credentials as you enter them, quite often by looking over your shoulder observing, unseen. This can be dangerous especially if what you are entering is sensitive. To defend against this threat:
Protecting Against Shoulder Surfing
1. Be Aware of Your Surroundings: Stay vigilant in public spaces, especially when entering PINs or passwords.
2. Use Screen Privacy Filters: These filters limit the viewing angles of your screen, making it difficult for prying eyes to see what you're doing.
3. Leverage Biometrics: Whenever possible, use biometric authentication methods, which are inherently more resistant to shoulder surfing.
4. Understand that it could happen to you: Often we think that no one would be interested in looking over our shoulders and stealing our login details. Who would want to do that? No one I know surely? Well, you would be surprised. That’s not to say you need to be suspicious of your family and friends etc but treat your device privacy as you would any other private information; keep it private! The individual may not even know you but may be an opportunist, taking advantage of their lovely viewing angle of your device and what you’re typing.
In conclusion, safeguarding your device requires a multi-layered approach. PINs, passwords, and biometrics each play a vital role in protecting your personal information. Using these methods increases device security with the more approaches being used the better. While shoulder surfing remains a threat, a combination of these security measures will significantly reduce the risk and enhance your overall digital security. Remember, the stronger your defence, the safer your digital life becomes.
Useful Links:
NCSC Guidance on Passwords (Three Random Words):
Article on shoulder surfing:
Article on Screen locks by NCSC: