Editorials
Do You Password Protect Your Smartphone?
A lot of people that wouldn’t have dreamed of using smartphones a few years ago are now iPhone, Blackberry and WinMo users. I’ve noticed a disturbing trend with my less geeky friends and family members though- almost none of them have set passwords to prevent unauthorized access.
This is a pretty risky move considering how much personal data can be stored or accessed via smartphones. Applications can give a thief instant access to documents stored in the cloud. Business and personal email are just a tap away. Many banks use SMS or phone calls for multi-factor authentication for web access or password resets.
When I explain some of the risks of not using a passwords on mobile phones, some people immediately lock down their phones. Others say they don’t want to punch in a password every time they want to make a call or check email.
I have my iPhone 3Gs set to lock down after 15 minutes of inactivity. Do you have a password set on your smartphone? What about the less technical folks in your life?
ericthebikeman
10/07/2009 at 4:38 pm
I have a Blackberry 8900 which locks down after 60 minutes by IT policy or if one of the BES administrators (me) locks it remotely. Everything is encrypted and it automatically nukes everything if the wrong password is entered too many times by some dopey thief. The other nice thing is you need the password to install any apps, so it would be harder to get something in there to leverage some sort of weakness. More work than an average thief is willing to or even do knows how to do for that matter. So I don’t really sweat it too much.
Xavier
10/07/2009 at 4:58 pm
Eric- sounds like you have you have things under control :-)
Stuart
10/07/2009 at 5:15 pm
I don’t think i’d do anything more than a rudimentary lock if that. Right now it is unlocked. As long as it is in my possession I see no need for all that “overkill”. But then again, I don’t put anything too important on my phones and I don’t lend it out.
SAM
10/07/2009 at 5:24 pm
Whats even a bigger worry is the spyware
that can be installed on your phone that
records your calls, text messages, emails,
and snaps pictures—all remotely
That’s scary
Joe
10/07/2009 at 5:58 pm
I don’t lock my phone ever either. For how often I look at my phone, it’s way too inconvenient to enter a PIN constantly.
I do have SplashID records and App Catalog purchases using a password, but the phone itself is completely open.
… Of course, I have the advantage that I can remote wipe through my Palm Profile on the Pre, so if I lost my device, I’d have no real issue.
GoodThings2Life
10/07/2009 at 7:35 pm
I don’t bother locking mine, and I don’t enforce it on my users either. I do use Exchange 2007 in my enterprise, and yes, I have made use of Remote Wipe on more than one occasion. In the mean time, it’s either in my hands, in my pocket, or on my nightstand or desk… so what’s the point of locking it? :)
GoodThings2Life
10/07/2009 at 7:41 pm
@SAM, wow, what kind of phone do you have that you’re worrying about that sort of thing?
Gary
10/07/2009 at 9:23 pm
@GoodThings2Life – I wouldn’t be so naive to think you wont lose it – it’s the time that it went from “in your pocket” to pulling up some data, and you accidentally leave it in the paint section at Home Depot, and someone picks it up. I know I thought the same thing, and my iPhone was lost, and later found. I later found out that it was found by a group of people that were all looking through it to find some type of information that identified me (emails, photos, contacts, etc). I’ve got to admit, I felt a bit violated (and stupid for not locking it down), and since, I have my iPhone set to lock down after 10min of inactivity, and my wallpaper displays “If found, please call XXX-XXX-XXXX”. I also am on MobileMe and have remote wipe, and Find My iPhone GPS location ability.
SAM
10/07/2009 at 10:07 pm
Goodtolife:
It was on Dateline. The software is easily obtainable and
they installed it on the reporters phone and “tracked” he for
a day.
They knew where she was, who she called, read her emails
and text messages, plus they snapped a few random pictures
for good measure. They had a log of whom she called and how
long she talked to them. They had the capabilities to record
BOTH sides of the conversations. They even could hear her talk
in her office on an “open mic” they activated on her own phone.
This would be as much or more of a danger to a businessperson
than a stolen phone. You can have the cell company disconnect
the phone.
But with the Spyware, I would not want someone listening into
meetings I have with our customers, nor phone conversations
regarding business deals.
I guess the old saying, “Don’t keep anything on your phone you
wouldn’t want your Mother to see…”
TateJ
10/08/2009 at 10:00 am
Both my iPhone and my Ipod Touch require a password after 5 minutes of inactivity and will wipe the contents if the password is entered incorrectly 10 times.
I leave my iPhone on my desk at work all day and in my car sometimes. My ipod touch says on the night stand most of the time and we have a cleaning service that comes in the house. It just makes me feel better to have both of them locked down and the extra second it takes me to punch in the passcode doens’t bug me at all
Zagleft1
10/08/2009 at 11:50 am
I find that using Throttlelock (free), which requires you to do a simple dot pattern slide does the job for me without being overly cumbersome.