The biggest security weakness in any system is the humans using it.
A further 15% of us choose one of the following ten most commonly used passcodes:
Apple iPhone app developer, Daniel Amitay, who published the interesting research, looked at four digit passcodes that users choose to secure their systems with.
Some of the passcode choices that Amitay’s research has thrown up are horribly predictable. People choosing the likes of 1234, 0000 and 1111 may as well not bother even having a passcode.
The passcodes 0852 and 2580 are a simple swipe up or down the keypad.
5683 is not such an obvious choice but Amitay has a theory that 5683 spells out LOVE on the keypad, and that may be why it’s so widely used.
And 1998? Well, it turns out that 1998 represents the highest frequency of choices that could represent a decade (the 1990s) – so maybe for users this could be a either a birth year, graduation date, wedding year, or birth year of a child.
Why do we have such predictable passcodes?
In a word - speed!
Apple says that on average an iPhone user unlocks his/her device 80 times a day. And 89 percent of users unlock using Touch ID, not because of its superior security principles but because it is the fastest method.
So why do we need to toughen up our passcodes? And do we need one at all if we have Touch ID?
The Case for Passcodes
Reason #1: Your life is on your phone
Look at what is on your phone! Contacts, social media, email, messages, web browsing, online purchases, internet banking, photos and so much more.
Your life is on your device, so the day you lose that device is the day someone may try to exploit everything they can learn about you.
If you fail to protect your device with a passcode here is a partial list of everything on your device anyone who has access to your device (such as when you leave it unattended or lose it) can take a look at.
- Your website passwords
- Your contacts, and all their details (including phone numbers and addresses)
- Your Mail and Messages
- Your Location history
- Your pictures and videos
- Any stored payment information, credit card numbers, corporate apps, Intranet access codes
- Not to mention they can install malicious software on your device
Reason #2: It's not just about you
If the need to protect yourself isn’t enough to motivate you to begin using a passcode on your mobile phone, what about the people you know?
Family, friends, and colleagues don’t want their email addresses, correspondence, messages and other items of personal data shared with people they don’t know or trust.
Protecting their information on your device is your responsibility.
Reason #3: What about your work?
OK we don't all work for large corporations and we don't have industrial secrets on our devices - but it's not about that!
What hackers and criminals really want is the credentials you use to access work systems. If they gain a few of these credentials from different people then it is much easier for them to crack into the corporate network systems. Having got in they could wreak all kinds of havoc. They may not be interested in stealing data, they may be interested in locking it all up and demanding payment for its release.
What's the best way to strengthen my passcode?
In recent mobile device software updates we have seen the advent of the fingerprint scanner, retina scanner, and facial recognition, however it is always a good idea to have a passcode - both as a back-up in case the first unlock option fails, and also as a second level of security.
Apple and Android devices allow the setting of 4-digit, 6-digit, and complex alphanumeric passcodes. What’s the difference?
Fortune Magazine claims it would take a computer an estimated 72-years to hack into a 6-digit alphanumeric passcode, but only an estimated 7-minutes to get through a 4-digit numeric code.
So far and away the strongest passcodes are those that employ 6-digits and which are a mixture of alpha-numeric.
Source: Fortune Magazine 19 March 2016
Setting an Alpha-Numeric Passcode on Apple iOS
Open Settings>Touch ID & Passcode, select Change your passcode, choose Passcode Options and create a custom alphanumeric code.
Setting an Alpha-Numeric Passcode on Android OS
Go to Applications > Settings > Location and Security > Set Screen lock > Password > Enter 4 characters (numbers only / mix of letters and numbers) > re-enter the password for confirmation.
- VoicePlus designs secure IP solution for banking industry provider
- Australian small businesses are most vulnerable to ransomware attacks
- Australian IT teams don't want to manage mobility
- eBook: What is a Managed Mobility Service MMS?