32 votes

Why do you lock your smartphone?

I'm genuinely curious. I'm a late adopter FWIW and am still rocking an older iPhone that doesn't support any face recognition or finger prints. But I don't use a pass code either, and never have, and doubt I ever will. I just don't get it... what are folks afraid of happening if they don't lock their phone? I suppose the "nightmare" scenario would be someone steals your phone and then messages your contacts asking for $. Is that it?

I've always practiced greater digital security than physical security (counting the phone unlock as physical) as I think it much more likely that a ne'er-do-well would attack some large company than to single me out in person. I mean if the FBI or some hacker is going through my garbage then I probably have larger problems, right?

For me it's cost/benefit - swiping/fingerprinting/face IDing multiple times a day is not worth the slim chance that my phone is stolen by someone who going to use the info in it for something nefarious. I wouldn't lock my car if I was in/out of 20x a day, I just wouldn't leave anything terribly valuable in it.

Please let me know why locking your phone is/isn't important to you.

EDIT: To be clear, I have one banking app and it requires an additional password to get in. It's an app so there isn't a saved password for it anywhere.

EDIT2: Made this as a comment below, but thought I'd add it up here as well - "I find it strange that people in general seem to be OK with putting up with an inconvenience (even though minor to many) that affects them multiple times a day, but we hold large companies almost wholly unaccountable for major data breaches. "

EDIT3: This just occurred to me. We lock our phones, but not our wallets/purses. The argument that a pass-code is a protection against identity theft rings sort of hollow when we consider we have much of the same info on an ID card that we keep unprotected. Some states will even list the SSN on a driver's license.

EDIT4: I'm convinced everyone thinks their personal lives are terribly interesting to strangers and my suspicion is they're not. Only two real cases of bad things happening when a phone is unlocked that I've counted so far: 1) long distance calls 2) pokemon themed contacts.

EDIT5: That said, sounds like the fingerprint scanner is the way to go for convenient security. I'll be checking that out. Sincere thanks!

EDIT6: Some folks said that edit 4 came off as condescending. Not my intention. I was trying to tie in the idea of "everyone being the main character in their own story." I'm definitely not implying that people should leave their phones unlocked because others wouldn't find their lives uninteresting.

I think many have a personal connection to their devices that I do not feel. Intellectually I find that very interesting as this seems less a monetary issue and more a privacy issue. It'd be as if a stranger picked up a lost diary and started reading. I fear my diary would be more like a ship captain's logbook and wholly uninteresting. If I were to have my phone stolen I'd simply change a couple passwords and buy a new one.

82 comments

  1. [9]
    Akir
    Link
    Today, phones themselves are security devices. It is constantly logged into a number of accounts and it likely has a number of passwords saved on it. It's also used as as authenticator for 2FA. If...

    Today, phones themselves are security devices. It is constantly logged into a number of accounts and it likely has a number of passwords saved on it. It's also used as as authenticator for 2FA. If you are the average person, someone stealing your phone and gaining access to it is basically identity theft.

    63 votes
    1. [8]
      Pilgrim
      Link Parent
      I'm just not worried about a person IRL gaining physical access to a device to do this. I can only imagine the very low odds of that occurring. What strikes me as more likely is someone having...

      someone stealing your phone and gaining access to it is basically identity theft

      I'm just not worried about a person IRL gaining physical access to a device to do this. I can only imagine the very low odds of that occurring.

      What strikes me as more likely is someone having their id/pass stored in their web browser on their phone for a banking website. So that'd be bad.

      1 vote
      1. [5]
        teaearlgraycold
        Link Parent
        This is why I use Firefox on my phone and encrypt the password store with a master password. If you take no security measures, then someone who steals your phone has: All of your account...

        What strikes me as more likely is someone having their id/pass stored in their web browser on their phone for a banking website. So that'd be bad.

        This is why I use Firefox on my phone and encrypt the password store with a master password.

        If you take no security measures, then someone who steals your phone has:

        • All of your account information for every website (assuming you have your browser save this information).
        • All of your 2FA keys.
        • The ability to text/call as you.
        • All of your contacts' information.
        • Your text message/call history.
        18 votes
        1. [4]
          Pilgrim
          Link Parent
          I'd like to know what password manager you use, or are you saying you just use the one built into FF? The only concern I'd have is banking. I can't see anything else anyone could do that couldn't...

          I'd like to know what password manager you use, or are you saying you just use the one built into FF?

          The only concern I'd have is banking. I can't see anything else anyone could do that couldn't be simply explained with a message to friends like "hey I was hacked." The worst I've heard of is someone hitting up grandma or whoever for $ after making up a story about being trapped overseas. So again, not good, but unlikely at best.

          I'm curious if you keep your wallet/purse locked as well (this just occurred to me as an inconsistency in the "keep stuff secure" mentality and not an attack at you or anything of that nature).

          1 vote
          1. Greg
            Link Parent
            Email access is the key, in my opinion. A stolen wallet is frustrating, but ultimately fixable with a couple of phone calls. The financial loss is limited to whatever cash was in there, and once...

            Email access is the key, in my opinion. A stolen wallet is frustrating, but ultimately fixable with a couple of phone calls. The financial loss is limited to whatever cash was in there, and once the cards are cancelled that's the end of it.

            An email account, on the other hand, gives password reset access to most other accounts, as well as a wealth of personal information about spending habits, addresses, receipts, bills, account numbers, etc. Add a multiplier to that if there's a work email account on there as well as personal.

            Just identifying everything that could be breached via email would take days, and even then there's the ongoing worry that something was missed, or that a key password or piece of private info is in someone else's hands.

            26 votes
          2. Akir
            Link Parent
            Someone who has access to all of your private information has a way to answer all of the most common security questions you would have to answer to get access to your bank account.

            Someone who has access to all of your private information has a way to answer all of the most common security questions you would have to answer to get access to your bank account.

            16 votes
          3. teaearlgraycold
            Link Parent
            Yes, just the one built into FF. If my wallet is stolen I'll need to call my bank and let them know my wallet was stolen. Any purchases should be reversed. If my phone is stolen I can't call up my...

            Yes, just the one built into FF.

            If my wallet is stolen I'll need to call my bank and let them know my wallet was stolen. Any purchases should be reversed. If my phone is stolen I can't call up my carrier and have them undo anything the thief did in the past hour.

            7 votes
      2. [2]
        roboticide
        Link Parent
        You have very low odds of being in a car crash, or getting very sick if you're under 40. I assume you have insurance, or at least see the value of insurance? A second of inconvenience to unlock a...

        I can only imagine the very low odds of that occurring.

        You have very low odds of being in a car crash, or getting very sick if you're under 40. I assume you have insurance, or at least see the value of insurance? A second of inconvenience to unlock a phone is a small price to pay for piece of mind.

        What strikes me as more likely is someone having their id/pass stored in their web browser on their phone for a banking website.

        I think you're forgetting how much of a single point of failure a modern phone represents. My banking app always requires an additional login. However, the password reset is linked to an email account on the phone, and that doesn't require a separate login every time I want to use it. Many "secure" apps have this problem.

        A lock ensures that if the phone is lost, it's not immediately exploitable. You have time to attempt to recover it before having it reset to factory standard, which is more of a pain in the ass then a phone lock ever is.

        There's also just the simple issue of privacy. I have pictures and messages I just don't want anyone seeing.

        You're talking about security from a being targeted perspective, and there I agree with you. It's pretty egotistical to think a hacker would target me specifically, or someone would specifically steal my phone to gain access. But it's not about that, it's about peace of mind, and security in the event that it's lost, or stolen just by chance, it's denying convenient access. Your method certainly accomplishes the same thing, but I think you put less onto your phone than I think many here are? Which is again, more inconvenient than grabbing it so my finger hits a sensor.

        5 votes
        1. Pilgrim
          Link Parent
          Excellent points! I'll probably move to a finger sensor.

          But it's not about that, it's about peace of mind, and security in the event that it's lost, or stolen just by chance, it's denying convenient access. Your method certainly accomplishes the same thing, but I think you put less onto your phone than I think many here are? Which is again, more inconvenient than grabbing it so my finger hits a sensor.

          Excellent points! I'll probably move to a finger sensor.

          1 vote
  2. [3]
    meghan
    Link
    My phone knows more about me than probably my brain does, especially when it comes to secrets. I can't put a lock on my brain but people can't just open it up. My phone has password back up codes...

    My phone knows more about me than probably my brain does, especially when it comes to secrets. I can't put a lock on my brain but people can't just open it up. My phone has password back up codes and 2FA access on just about every account I own. Is that a single point of failure? Yeah, but my phone is an extension of myself in the healthiest sense of those words and I'm okay if the single point of failure on my info is myself.

    And I was in the closet up until very recently do I did have some "larger" things I was hiding haha.

    28 votes
    1. [2]
      Pilgrim
      Link Parent
      personal secrets are definitely a good reason! congrats on being out and about :)

      And I was in the closet up until very recently do I did have some "larger" things I was hiding haha.

      personal secrets are definitely a good reason! congrats on being out and about :)

      8 votes
      1. meghan
        Link Parent
        Thank you! ๐Ÿ˜Š I'm definitely feeling so much better now not having to hide that ๐Ÿ’–๐Ÿ’–

        Thank you! ๐Ÿ˜Š I'm definitely feeling so much better now not having to hide that ๐Ÿ’–๐Ÿ’–

        10 votes
  3. [7]
    clerical_terrors
    Link
    The inconvenience of having to enter a passcode is completely minor, and even if the chance of my phone being stolen and the data being used is astronomically small the consequences of it are huge...

    The inconvenience of having to enter a passcode is completely minor, and even if the chance of my phone being stolen and the data being used is astronomically small the consequences of it are huge and long-lasting. The small inconvenience is worth the extra roadblock towards that in my view, which I will readily accord everyone the right to disagree with.

    19 votes
    1. [6]
      Pilgrim
      Link Parent
      I find it strange that people in general seem to be OK with putting up with an inconvenience (even though minor to many) that affects them multiple times a day, but we hold large companies almost...

      chance of my phone being stolen and the data being used is astronomically small the consequences of it are huge and long-lasting

      I find it strange that people in general seem to be OK with putting up with an inconvenience (even though minor to many) that affects them multiple times a day, but we hold large companies almost wholly unaccountable for major data breaches.

      5 votes
      1. [2]
        clerical_terrors
        Link Parent
        I think we generally tend not to hold (some) companies accountable for their damages to a fair degree, see also: the 2008 financial crisis, global climate change, the opioid epidemic or hiding the...

        I think we generally tend not to hold (some) companies accountable for their damages to a fair degree, see also: the 2008 financial crisis, global climate change, the opioid epidemic or hiding the truth about sugar which lead to the obesity crisis. An unfortunate by-product of our own failures to hold out political systems accountable as well.

        13 votes
        1. Pilgrim
          Link Parent
          Good point, but I wish it wasn't so!

          Good point, but I wish it wasn't so!

          3 votes
      2. [2]
        yellow
        Link Parent
        For what its worth, I've been using the fingerprint checker on my S5 for while now, and as long my hand isn't soaking wet its less hassle than swiping the screen.

        For what its worth, I've been using the fingerprint checker on my S5 for while now, and as long my hand isn't soaking wet its less hassle than swiping the screen.

        7 votes
        1. Pilgrim
          Link Parent
          I might look into that. I'm all about the convenience so if it's actually easier then I'm down. Security AND ease-of-use is where it's at.

          I might look into that. I'm all about the convenience so if it's actually easier then I'm down. Security AND ease-of-use is where it's at.

          1 vote
      3. edward
        Link Parent
        With TouchID the inconvenience is basically non-existent, you have to press the home button to turn on the screen anyway, hold it for a second longer and you're in. I was on a 4S for years, so...

        With TouchID the inconvenience is basically non-existent, you have to press the home button to turn on the screen anyway, hold it for a second longer and you're in.

        I was on a 4S for years, so upgrading to a 7 was a major upgrade, with TouchID being one of the best new features.

        3 votes
  4. [2]
    Jedi
    Link
    For me it's just easier to use the fingerprint sensor on the back than move my thumb to press the power button. It's simpler and quicker to be (more) secure than to leave it unlocked. I also have...

    For me it's just easier to use the fingerprint sensor on the back than move my thumb to press the power button. It's simpler and quicker to be (more) secure than to leave it unlocked. I also have to use it for Google Pay, and I want to keep my accounts from being accessed by strangers. So I'd have it locked regardless.

    16 votes
    1. Pilgrim
      Link Parent
      Very interesting reply. Thank you!

      Very interesting reply. Thank you!

      1 vote
  5. Eva
    Link
    It's not really inconvenient to meโ€”takes like half a millisecond, stops my phone from getting unlocked in my pocket/purse/when I'm messing with it, stops people from being able to sign things...

    It's not really inconvenient to meโ€”takes like half a millisecond, stops my phone from getting unlocked in my pocket/purse/when I'm messing with it, stops people from being able to sign things using my PGP key if they get physical access, etc.

    Same reason I changed my phone's default root password, really.

    13 votes
  6. [4]
    somewaffles
    Link
    It depends on what you have on your phone. I have multiple banking apps, calendars, social media, etc. on mine (ie non-phone stuff.) If someone were to get their hands on my phone with malicious...

    It depends on what you have on your phone. I have multiple banking apps, calendars, social media, etc. on mine (ie non-phone stuff.) If someone were to get their hands on my phone with malicious intentions, they could mess up my life pretty bad.

    9 votes
    1. [3]
      Pilgrim
      Link Parent
      What's your worst case scenario look like?

      What's your worst case scenario look like?

      1 vote
      1. [2]
        somewaffles
        Link Parent
        Identity theft on multiple levels. In your edits you mention not locking our wallets, but thats kind of a "what-aboutism" because if my wallet is stolen they have one piece of my information. If...

        Identity theft on multiple levels. In your edits you mention not locking our wallets, but thats kind of a "what-aboutism" because if my wallet is stolen they have one piece of my information. If they had my phone they would have access to a good portion of my life that would take more than just a call to the bank to solve.

        Also to your second edit, it really isn't an inconvenience when you have your unlock code down to muscle memory. Maybe from an outside perspective, it seems a bit much but I've been doing it so long I don't think about it anymore and adds less than a few seconds to my day. Seems like a good pay off to not have to worry about identity theft.

        Again, really depends on what you use your phone for. If you don't have any of those apps, then you have nothing to worry about!

        8 votes
        1. Pilgrim
          Link Parent
          Great perspective. Thanks!

          Great perspective. Thanks!

          1 vote
  7. [4]
    Whom
    Link
    I started doing it when I first got a phone and had asshole friends who would mess with it if they had the chance, and I still have a constant paranoia about people I know wanting to use my phone...

    I started doing it when I first got a phone and had asshole friends who would mess with it if they had the chance, and I still have a constant paranoia about people I know wanting to use my phone (even if it's just that theirs died and they need to search for something). See, the identity you'd see if you had full access to my phone is very different to what many of the people I know in real life know.

    There's also the security things that everyone is talking about, but also at this point there's no reason for me not to. With the fingerprint scanner, it's typically unlocked before I'm even looking at it, so there's no meaningful inconvenience there. Also, if you keep it in your pocket against your leg, do you not get annoyed by things opening and getting pressed all the time? That happens way too much to deal with if mine is unlocked.

    8 votes
    1. [3]
      Pilgrim
      Link Parent
      That sounds like an awful way to live life. Why? Several people have said this so I'll have to check it out. I've honestly rarely had this happen. I find it usually happens if I don't lock the...

      See, the identity you'd see if you had full access to my phone is very different to what many of the people I know in real life know.

      That sounds like an awful way to live life. Why?

      With the fingerprint scanner, it's typically unlocked before I'm even looking at it

      Several people have said this so I'll have to check it out.

      do you not get annoyed by things opening and getting pressed all the time

      I've honestly rarely had this happen. I find it usually happens if I don't lock the phone before putting it in my pocket, which is I assume the same regardless of security method used.

      2 votes
      1. [2]
        Exalt
        Link Parent
        It's better to have one side see you in a good light than both sides see you in a bad one.

        That sounds like an awful way to live life. Why?

        It's better to have one side see you in a good light than both sides see you in a bad one.

        5 votes
        1. Pilgrim
          Link Parent
          I hope one day you can be your true-self and that others around you are accepting of that.

          I hope one day you can be your true-self and that others around you are accepting of that.

          1 vote
  8. [2]
    sublime_aenima
    Link
    Years ago my father in law had an old phone stolen from his home. It was originally my wife's but when she switched over to my plan she gave the phone to her dad. The thieves wracked up close to a...

    Years ago my father in law had an old phone stolen from his home. It was originally my wife's but when she switched over to my plan she gave the phone to her dad. The thieves wracked up close to a thousand dollars in international calls and data overages before my FIL had any clue what was happening. His carrier did not care and held him financially responsible for the charges. I know keep all my family's phones locked to prevent these types of charges from happening if their phone gets lost or stolen.

    8 votes
    1. Pilgrim
      Link Parent
      Very interesting. Sorry to hear about the experience. Yours is the first actual negative real-life negative I've heard of. Thanks for sharing!

      Very interesting. Sorry to hear about the experience. Yours is the first actual negative real-life negative I've heard of. Thanks for sharing!

      3 votes
  9. [2]
    Comment deleted by author
    Link
    1. Pilgrim
      Link Parent
      Whelp you made me google "fursona" at work lol

      Whelp you made me google "fursona" at work lol

      2 votes
  10. [4]
    SleepyGary
    Link
    Aside from just about everything personal in my life, access to protected health information. I work in medical tech and people could access our app through my phone. My employer and I would be in...

    Aside from just about everything personal in my life, access to protected health information. I work in medical tech and people could access our app through my phone. My employer and I would be in all sorts of problems with multiple countries' health regulatory bodies.

    7 votes
    1. [3]
      Pilgrim
      Link Parent
      So this app that ties into HIPPA-protected info isn't secured by a password or anything? That's terrifyingly bad.

      So this app that ties into HIPPA-protected info isn't secured by a password or anything? That's terrifyingly bad.

      2 votes
      1. [2]
        SleepyGary
        Link Parent
        It is but if if my phone is stolen while there is an active session the only thing between them and it would be a lock screen. Granted it's a very narrow window.

        It is but if if my phone is stolen while there is an active session the only thing between them and it would be a lock screen. Granted it's a very narrow window.

        2 votes
        1. Pilgrim
          Link Parent
          Got it. Good on you.

          Got it. Good on you.

          1 vote
  11. [9]
    ZigZag
    Link
    I work as an Apple tech/consultant. When I got my first iPhone I did the same as you. No passcode. Then I realized that I was storing my passwords in it and it would be easy for anyone to look up...

    I work as an Apple tech/consultant. When I got my first iPhone I did the same as you. No passcode. Then I realized that I was storing my passwords in it and it would be easy for anyone to look up my passwords if I left my phone unattended. I know you're not storing your passwords. But if you have email signed in on that device, it would be easy for anyone that had access to your phone to gain access to any other account associated with that email. Lets say you use that email with Facebook (just an example). If I sent a password reset request for Facebook, it would send to that email (that I now have access to) and now I have access to your Facebook account and you don't. Again, just an example.

    In short, there are all sorts of nefarious things people can do when they have access to your email. Hell, if someone wanted to really troll you they could sign you up for nambla.

    My strong advice is to create a passcode. You'll quickly get used to the nuisance. Another tip, go into the health app and enter your emergency contact info. Even if someone can't get into your phone, they can at least look up your emergency info. So if you get into an accident and you're unconscious, a paramedic can see your blood type, medications, emergency contacts etc.

    7 votes
    1. [8]
      Pilgrim
      Link Parent
      I might look into the fingerprint option as that seems easiest, but not really sure I want Apple to have my fingerprints either. But I don't mind calculated risks, either. I struggle to imagine a...

      I might look into the fingerprint option as that seems easiest, but not really sure I want Apple to have my fingerprints either.

      But I don't mind calculated risks, either.

      I struggle to imagine a scenario where someone steals my phone and then attempts to use it to get into my accounts vs just wiping and selling the phone for quick drug money.

      3 votes
      1. [5]
        trazac
        Link Parent
        It should be noted that the fingerprint is supposed to only be stored on the phone, and on top of that recreating a fingerprint from the scanned data is supposed to be impossible.

        It should be noted that the fingerprint is supposed to only be stored on the phone, and on top of that recreating a fingerprint from the scanned data is supposed to be impossible.

        4 votes
        1. [4]
          teaearlgraycold
          Link Parent
          I've been wondering about how easy it would be to fool the sensor using the fingerprint left from your last unlock. The sensor on my Pixel XL seems to, ironically, be a fingerprint magnet.

          I've been wondering about how easy it would be to fool the sensor using the fingerprint left from your last unlock. The sensor on my Pixel XL seems to, ironically, be a fingerprint magnet.

          2 votes
          1. [3]
            trazac
            Link Parent
            With current technology it isn't easy or quick, although it is possible to lift the fingerprint, create a fake, and then fool the sensor. It's certainly the type of thing a common thief wouldn't...

            With current technology it isn't easy or quick, although it is possible to lift the fingerprint, create a fake, and then fool the sensor.

            It's certainly the type of thing a common thief wouldn't be able to easily do

            3 votes
            1. [2]
              teaearlgraycold
              Link Parent
              It still seems like a major security hole (although fingerprints as an authentication method may just be inherently flawed). Imagine if after typing in your PIN the buttons you pressed were burned...

              It still seems like a major security hole (although fingerprints as an authentication method may just be inherently flawed). Imagine if after typing in your PIN the buttons you pressed were burned into the screen.

              2 votes
              1. trazac
                Link Parent
                Yeah, kind of maybe, but it's really not easy or simple. It's possible, but if someone were to take your phone, it's doubtful they would keep it in pristine condition enough to find a suitable...

                Yeah, kind of maybe, but it's really not easy or simple. It's possible, but if someone were to take your phone, it's doubtful they would keep it in pristine condition enough to find a suitable fingerprint. On top of that, knowing how to make a fake (and particularly a fake that will work) is more than most people know. Lifting a fingerprint is also more difficult than TV shows would have you realize. While it's not impossible to lift your fingerprint from your phone and then use it to model a fake, it's also very unlikely there will be a usable fingerprint on the phone itself.

                The comparison has been made in this thread, but think about a standard lock. A Master Lock No. 3 can be easily picked by a novice with some instructions within a few seconds, but most criminals don't even know how to do that. Even having a small amount of security is enough to deter most would-be thieves.

                2 votes
      2. [2]
        ZigZag
        Link Parent
        Apple doesn't have anyone's fingerprints. That data is stored locally in the "secure enclave". But anything made can be broken....

        Apple doesn't have anyone's fingerprints. That data is stored locally in the "secure enclave". But anything made can be broken.
        https://developer.apple.com/documentation/security/certificate_key_and_trust_services/keys/storing_keys_in_the_secure_enclave
        https://www.howtogeek.com/339705/what-is-apples-secure-enclave-and-how-does-it-protect-my-iphone-or-mac/

        Another scenario I thought of actually happened to my roommate. His ex somehow got into his phone (don't ask me the details of that. I think she knows his passcode.) and started forwarding all of his incoming calls to her phone. It was so simple I couldn't think of how it was happening until verizon told him to enter *68 to stop forwarding.
        https://www.verizon.com/support/residential/homephone/calling-features/star-codes-other-features

        Whatever you do, if you set a passcode and then setup fingerprint scanning, don't forget that passcode. It is used in other areas of settings for the phone and sometimes as verification for iCloud logins.

        But you're right. If someone steals your phone, they're not looking to sign into your accounts. They're looking to sell your phone. The danger of someone trying to get into your accounts is than likely going to be someone like in my roommate's scenario. However, with a passcode the thieves cannot erase your phone in any simple way I know of. Furthermore, if you have an apple ID signed into the phone if it gets erased, you'll be the only person who can unlock it after the erasure. I try to urge people that don't want to use iCloud to use it only for the find my phone feature. If it's lost or stolen, you can essentially brick the phone if need be. There are all sorts of interesting accounts from victims of theft and the features of iCloud.

        I know, it's buzzfeed, but I find it to be an interesting story.
        https://www.buzzfeed.com/mjs538/i-followed-my-stolen-iphone-across-the-world-became-a-celebr

        Have a good day!

        1. Pilgrim
          Link Parent
          Thank you! Everyone is upset that I think no one cares about their personal lives. Most strangers just won't bother as they're after quick cash so the threat of someone messing with your personal...

          But you're right. If someone steals your phone, they're not looking to sign into your accounts. They're looking to sell your phone.

          Thank you! Everyone is upset that I think no one cares about their personal lives. Most strangers just won't bother as they're after quick cash so the threat of someone messing with your personal life is coming from people close to you.

          1 vote
  12. [3]
    edca5
    Link
    I own an Android phone and I use the drawing code because otherwise it would just unlock itself when it's in my pocket. It is a middle way between having a long code and a fast way to unlock your...

    I own an Android phone and I use the drawing code because otherwise it would just unlock itself when it's in my pocket. It is a middle way between having a long code and a fast way to unlock your phone.

    5 votes
    1. [2]
      Pilgrim
      Link Parent
      I use an old iPhone and have not really experienced this so I wonder if that sensitivity is due to the manufacturer/OS.

      just unlock itself when it's in my pocket

      I use an old iPhone and have not really experienced this so I wonder if that sensitivity is due to the manufacturer/OS.

      3 votes
      1. edca5
        Link Parent
        Unlocking an iPhone is different than unlocking an Android phone. Apple uses the slides to unlock that is quite difficult to activate accidentally. Android instead uses a simple swipe to unlock,...

        Unlocking an iPhone is different than unlocking an Android phone. Apple uses the slides to unlock that is quite difficult to activate accidentally.
        Android instead uses a simple swipe to unlock, and the swipe can start anywhere on the screen and then it needs to move for 1-2cm (less than half a inch), so an accidental unlock can happen anytime. Or maybe my butt just wants to look into my phone, who knows.

        7 votes
  13. [4]
    Luna
    Link
    I use Google Pay, which requires a password, and I want to make sure my friends and family can't easily snoop through my phone. Plus, if someone steals it, I have a fighting chance of being able...

    I use Google Pay, which requires a password, and I want to make sure my friends and family can't easily snoop through my phone. Plus, if someone steals it, I have a fighting chance of being able to get it back since they won't be able to remove my accounts without a factory reset (which most casual thieves do not know how to do).

    5 votes
    1. [3]
      temporalarcheologist
      Link Parent
      where are we getting this casual thieves assumption? if someone recognizes the worth of a particular cell phone model I think they'd be able to plug it in to a desktop and install a "password...

      where are we getting this casual thieves assumption? if someone recognizes the worth of a particular cell phone model I think they'd be able to plug it in to a desktop and install a "password recovery tool"

      physical access = no security

      2 votes
      1. [2]
        Luna
        Link Parent
        I remember hearing on NPR that most home robberies are walk-ins, and the easiest way to deter them is by locking your door. Any dedicated thief will be able to get in to your home (even "high...

        I remember hearing on NPR that most home robberies are walk-ins, and the easiest way to deter them is by locking your door. Any dedicated thief will be able to get in to your home (even "high security" doors can be easily outsmarted), but most aren't going to risk making a scene by busting down the door, breaking windows, or trying to find a way to open your door from the outside (or break in when you're home and risk you calling 911 and/or being armed). By extension, if a thief sees your phone is not protected by a password, it's much easier to resell.

        Any thief who did some research could wipe your device, pull the SIM, and change the IMEI, but considering how few thieves learn how to pick a lock (and most of our locks aren't all that strong), I doubt they'd be much smarter with a smartphone.

        3 votes
        1. trazac
          Link Parent
          There is a similar idea with motorcycles. Just having a cover on the bike, one that is generic and doesn't loudly advertise what brand of bike it is, will deter almost all thieves from stealing....

          There is a similar idea with motorcycles. Just having a cover on the bike, one that is generic and doesn't loudly advertise what brand of bike it is, will deter almost all thieves from stealing. Even if it has no visible locks on it to keep it from moving. The simple act of undoing a cover, checking out the bike, and then putting it back puts the thieves life in danger so they just don't do it.

          4 votes
  14. [2]
    Kraetos
    Link
    I didn't, until Touch ID and later Face ID made locking it no less convenient than not locking it. That said, that happened in 2013. Back then I didn't have credit cards and passwords stored on my...

    I didn't, until Touch ID and later Face ID made locking it no less convenient than not locking it.

    That said, that happened in 2013. Back then I didn't have credit cards and passwords stored on my phone, nor did I use my phone for 2FA on other secure systems. Once I knew my phone was secure, I started putting sensitive things on it.

    5 votes
    1. trazac
      Link Parent
      I think this is an important comment we sometimes ignore. So many people are comfortable putting out all kinds of information on a device that's so easily lost but don't lock it. Personally, I...

      I think this is an important comment we sometimes ignore. So many people are comfortable putting out all kinds of information on a device that's so easily lost but don't lock it. Personally, I would install and uninstall my bank app when I needed it because I wasn't comfortable having it on my phone and I really hated entering a lengthy password or drawing a picture every time I went to use my phone. On top of that, I don't find 4 digit pin numbers to be very secure.

      Once I knew the phone was secure from just about anyone who could pick it up and start using it, I felt much more comfortable. On top of that, unlocking my phone with the biometric sensor is just straight up faster now.

      3 votes
  15. Bub_Wub
    Link
    I'm just a paranoid dude who doesn't like the idea of people being able to snoop through my stuff. That's all it is for me.

    I'm just a paranoid dude who doesn't like the idea of people being able to snoop through my stuff. That's all it is for me.

    3 votes
  16. [3]
    Emerald_Knight
    Link
    Honestly, my electronic devices are essentially an extension of my own mind. Someone who digs through any of my devices can learn about what kinds of things I think about or am interested in, find...

    Honestly, my electronic devices are essentially an extension of my own mind. Someone who digs through any of my devices can learn about what kinds of things I think about or am interested in, find out what kinds of things are important to me, and dig up personal secrets that I don't want them knowing about. They can see who I've talked to and when, access my personal accounts, and rummage through personal files. Things that would ordinarily only exist in my memories, things I've never even said or shared with anyone, are stored physically and can be peered through pretty easily.

    Someone accessing my devices is thus the greatest possible invasion of my privacy.

    My mental space is the only source of privacy that I truly have. It's the only space that is, and always has been, completely my own. I want to safeguard that.

    3 votes
    1. [2]
      Pilgrim
      Link Parent
      These comments always remind me of the phrase "everyone is the main character in their own lives." I wonder truly how interested others are in our "secrets." I suspect we're all fairly mundane.

      Honestly, my electronic devices are essentially an extension of my own mind. Someone who digs through any of my devices can learn about what kinds of things I think about or am interested in, find out what kinds of things are important to me, and dig up personal secrets that I don't want them knowing about. They can see who I've talked to and when, access my personal accounts, and rummage through personal files. Things that would ordinarily only exist in my memories, things I've never even said or shared with anyone, are stored physically and can be peered through pretty easily.

      These comments always remind me of the phrase "everyone is the main character in their own lives." I wonder truly how interested others are in our "secrets." I suspect we're all fairly mundane.

      1 vote
      1. Emerald_Knight
        Link Parent
        It's not about whether or not someone is interested in them. It's the principle of the matter and the peace of mind that comes with having a space that people can't simply intrude upon. It's the...

        It's not about whether or not someone is interested in them. It's the principle of the matter and the peace of mind that comes with having a space that people can't simply intrude upon. It's the same reason I feel more comfortable being able to lock my apartment door before heading to work. I'm not paranoid that people are just waiting for me to let my guard down, I just like knowing that my privacy is secured.

        It may help to have the context that my privacy was never guaranteed in the past and that uncertainty has permeated most aspects of my life. Safeguarding my privacy gives me one point of certainty that can't easily be taken away.

        2 votes
  17. [7]
    JuniperMonkeys
    Link
    I basically lock my phone because Face ID (and before that, Touch ID) isn't an inconvenience at all. The way I'd open my pre-Touch ID iPhones was poke-swipe, then Touch ID made that poke, and now...

    For me it's cost/benefit - swiping/fingerprinting/face IDing multiple times a day is not worth the slim chance that my phone is stolen by someone who going to use the info in it for something nefarious.

    I basically lock my phone because Face ID (and before that, Touch ID) isn't an inconvenience at all. The way I'd open my pre-Touch ID iPhones was poke-swipe, then Touch ID made that poke, and now with Face ID it's just swipe. Likewise authenticating in apps; rather than enter, say, my 1Password master password, it's just a .5 second Face ID check when I launch the app.

    I never used PINs because they were annoying, but the biometric stuff has been, if anything, a time saver over opening my phone the "old" way.

    2 votes
    1. [6]
      frickindeal
      Link Parent
      I don't even swipe with Face ID and Raise to Wake. I just look at the phone. Absolutely no inconvenience at all. It really couldn't be any simpler. Behind Face ID are: Unlock the phone iTunes and...

      I don't even swipe with Face ID and Raise to Wake. I just look at the phone. Absolutely no inconvenience at all. It really couldn't be any simpler.

      Behind Face ID are:

      • Unlock the phone
      • iTunes and App Store (can't buy any apps or iTunes content)
      • Apple Pay
      • Password Auto-Fill
      • Firefox Focus

      Without my actual face or a 6-digit passcode, you can't do much with my phone, and I really like that security.

      1 vote
      1. [2]
        trazac
        Link Parent
        There is an inconvenience of needing to pick up the phone in order to use it. Not a huge deal and my phone has the same problem because the biometric sensor is on the back. A lot of people hated...

        There is an inconvenience of needing to pick up the phone in order to use it. Not a huge deal and my phone has the same problem because the biometric sensor is on the back.

        A lot of people hated the iPhone X because it removed the button which allowed people to unlock it while sitting on your desk or whatever.

        Still not a big deal, but when every phone is almost exactly the same these days little issues like this can change minds.

        1 vote
        1. frickindeal
          Link Parent
          Yes, I've heard that complaint, but it's not something that I do very often (try to look at a phone that's flat on the table instead of picking it up). I also don't get 250 notifications a day, so...

          Yes, I've heard that complaint, but it's not something that I do very often (try to look at a phone that's flat on the table instead of picking it up). I also don't get 250 notifications a day, so it's not a big deal.

          I love the fact that "I have to slightly move the phone" is a complaint for some people, but here we are.

          2 votes
      2. [3]
        StellarTabi
        Link Parent
        Firefox Focus is terrible, you're better off using regular Firefox (and/or nightly)'s incognito and installing extensions like ublock origin. You can't even disable js in focus last I checked.

        Firefox Focus is terrible, you're better off using regular Firefox (and/or nightly)'s incognito and installing extensions like ublock origin. You can't even disable js in focus last I checked.

        1 vote
        1. frickindeal
          Link Parent
          I didn't really know that. I'll look into it. iOS circles were all over it a few months ago, and I just switched from Android to iOS, so I downloaded it. I also have regular FF on my phone with...

          I didn't really know that. I'll look into it. iOS circles were all over it a few months ago, and I just switched from Android to iOS, so I downloaded it. I also have regular FF on my phone with ublock origin, and also have AdGuard on the phone. I haven't seen an ad yet in Safari or FF. I'm not super paranoid on phone browsers because I do very little internet browsing on the phone.

          1 vote
        2. starchturrets
          Link Parent
          Extensions are not supported on iOS.

          Extensions are not supported on iOS.

  18. toly
    Link
    For me and funny enough for my parents the reason we started locking our phones was the same. My kids would constantly want to play on the phones when we weren't looking so we added pass codes so...

    For me and funny enough for my parents the reason we started locking our phones was the same. My kids would constantly want to play on the phones when we weren't looking so we added pass codes so they couldn't get in whenever they wanted and it keeps them off the phone a little more.

    That's what I started with way back when but at this point it really has morphed into a complete picture of my life and basically all that is needed to wreak havoc on my life. My email is constantly logged in so resetting passwords and gaining access to financial or social media accounts would be trivial. 2FA is also on the phone so everything that is "more secure" would also be at risk at that point.

    2 votes
  19. [2]
    Comment deleted by author
    Link
    1. Pilgrim
      Link Parent
      That's truly what I fear lol

      On a lighter note a friend that didn't lock their old flip phone, someone else got their hands on it during a party and renamed all 100 odd contacts to Pokemon which was a complete pain in the ass to fix.

      That's truly what I fear lol

      1 vote
  20. [2]
    trazac
    (edited )
    Link
    I think other people have covered most of what I do and why, but I want to add some commentary. First, I keep my phone locked to keep my sensitive information from being stolen. There is a lot of...

    I think other people have covered most of what I do and why, but I want to add some commentary.

    First, I keep my phone locked to keep my sensitive information from being stolen. There is a lot of personal information on my phone both about me and my life. I'm not that concerned about having my identity stolen, but my phone does use 2FA for some things, although I doubt it could be easily used against me. I mostly don't want people learning too much about me, which is an important security we often forget about.

    I have an LG G5 which has a biometric sensor on the back. I started using it because it was cool, but honestly now it's just straight up faster than other unlocking methods for my phone. Pushing the button and then swiping up (the swiping up can be disabled for faster use, but also disables any protection from getting unlocked in my pocket) is at best half the speed of just using the sensor to open the phone.

    On top of that, I use Last Pass as a password manager and it can also use my fingerprint to unlock my passwords. That is much faster than typing in my password (which is 27 characters long) every time I need to log into Amazon or my bank. There are other apps that can also use the biometric sensor to be unlocked, but I don't know of many.

    Lastly, it's far easier to allow my wife to have access to my phone when or if she needs it. I can add multiple fingers to my phone, so I have one for each of my hands and one for my wife. This way she doesn't have to learn a passcode or drawing to get into my phone, and I don't have to tell her one, so the only person who knows the backup method is me. I can also easily revoke access if needed (not that I need to from my wife.)

    Edit: After rereading the body of your post, I find it to be very condescending. While I don't think my life is that interesting or unique, I still don't want the embarrassing personal details that are on my phone getting into anyone's hands. They're not all just about me either, I have emails and texts store on my phone that reveal details about other people's lives. I have some responsibility to keep that secure as well. I don't need to allow people access to my phone just because my life is uninteresting.

    2 votes
    1. Pilgrim
      Link Parent
      Very cool. I'll check that out. Not intentional but I can see that after re-reading it myself. I'll try to adjust it to sound less so.

      On top of that, I use Last Pass as a password manager and it can also use my fingerprint to unlock my passwords. That is much faster than typing in my password (which is 27 characters long) every time I need to log into Amazon or my bank. There are other apps that can also use the biometric sensor to be unlocked, but I don't know of many.

      Very cool. I'll check that out.

      After rereading the body of your post, I find it to be very condescending.

      Not intentional but I can see that after re-reading it myself. I'll try to adjust it to sound less so.

      2 votes
  21. wesley
    Link
    In addition to all of the security concerns already mentioned, I'm required to by my work. The phone itself is provided by my job and we do a lot of government/military work. Due to this, I must...

    In addition to all of the security concerns already mentioned, I'm required to by my work. The phone itself is provided by my job and we do a lot of government/military work. Due to this, I must have encryption enabled and the phone locked at all times.

    2 votes
  22. witchbitch
    (edited )
    Link
    My phone is an extension of my mind. It isn't about money or contacts. It's about conversations, notes, recordings, apps, histories, emails, photos, location history. It has the conversations I...

    My phone is an extension of my mind. It isn't about money or contacts. It's about conversations, notes, recordings, apps, histories, emails, photos, location history. It has the conversations I had when I was first getting to know my girlfriend, it has the conversations I had when I was steadily losing a friend to schizophrenia, it has the photos I took when I was bored in class right next to the photos I took of my sister curled up asleep after her last panic attack and my parents were worried about her. Yeah sure it has my banking data but to be honest, I'm a lot more concerned about my messaging history. Money comes and goes but how someone thinks and feels is infinitely more important. My bank cards are easily steal-able, and I would be pissed off beyond words if someone stole them or my phone to access my money, but it wouldn't hurt me deep down like having a bit of my mind broken into and rifled through.

    That's the thing about phones today - because they're an extension of all your internet and phone activity, and because of how we USE the internet and our phones and messages, they're an extension of our brains. And I don't want my brain hacked into and stolen, thanks. So I absolutely lock my phone, because on no account am I allowing anyone in there but me. Even my partners don't know my code, and I don't know theirs.

    EDIT: It's interesting (and patronising, to tell the truth) that you presume everyone's life is boring and dull. You really don't know anything about us. How can you presume to know that we are "uninteresting"? Everyone, everyone is interesting if you actually take the time to learn about them - and you WILL learn about them, if you have access to their phone. The fact that you have not yet built up that kind of reliance doesn't make you a better person. I'm quite sure in time you will. But don't presume that everyone is "just being their own main character" and must be a boring person secretly, who cares about them right? You don't know. You don't know anything about them or their life. So don't just assume that's the case.

    2 votes
  23. [2]
    OzPoider
    Link
    I have no choice in locking my phone. I am allowed to use it for personal use. It is an Australian Federal Government device, and all iPhones are hardened in accordance with the Australian Signal...

    I have no choice in locking my phone. I am allowed to use it for personal use.

    It is an Australian Federal Government device, and all iPhones are hardened in accordance with the Australian Signal Directorates (ASD) requirements.

    https://acsc.gov.au/publications/protect/ios-hardening-guide.htm

    2 votes
  24. kingofducks
    Link
    Just like everyone else has said, my phone contains a lot of information and passwords I'd prefer to keep to myself. Also, having a lock is some sort of deterrent from theft as they can't use it...

    Just like everyone else has said, my phone contains a lot of information and passwords I'd prefer to keep to myself. Also, having a lock is some sort of deterrent from theft as they can't use it (without putting in work) unlike an unlocked phone where they can pick it up and have some use to it.

    1 vote
  25. [5]
    Weldawadyathink
    Link
    I don't. Kinda. I used to have a very similar mindset as you do. But now I have a phone with a rear fingerprint reader. My finger goes to the reader when I grab my phone from my pocket. My phone...

    I don't. Kinda.

    I used to have a very similar mindset as you do. But now I have a phone with a rear fingerprint reader. My finger goes to the reader when I grab my phone from my pocket. My phone is unlocked and open faster than it would be with a power button + swipe. The few times it doesn't work, it is very quick to move my finger and rescan. The few situations where it is very inconvenient, such as wearing gloves while skiing, I very rarely need to use my phone, and just use my pin.

    I am not saying you should go out and buy a phone just for a fingerprint reader, but consider it when you do decide to purchase a new one. With a modern device, security is literally better than no security 95% of the time. The other 5%, it is only slightly worse than no security. That is a small price to pay for protection from an attack of convenience. As others have said, a pin or fingerprint will not protect you from the NSA or similar attacks. But it will give you more time to track down your lost phone before someone factory resets it.

    1 vote
    1. [4]
      Pilgrim
      Link Parent
      Am I the only one with the fingerprint or does Samsung/Apple get a copy as well? Obviously I need to research this option a bit more.

      Am I the only one with the fingerprint or does Samsung/Apple get a copy as well? Obviously I need to research this option a bit more.

      1 vote
      1. [3]
        Weldawadyathink
        Link Parent
        I am not sure, but I can tell you what I think I know. That being said, I think I am in the "just enough knowledge to be dangerous" for this topic, so take what I say with a gigantic lump of salt....

        I am not sure, but I can tell you what I think I know. That being said, I think I am in the "just enough knowledge to be dangerous" for this topic, so take what I say with a gigantic lump of salt.

        Nobody has access to your fingerprint except your finger. It is very much like using a password on a well designed website. Google cannot access your password. Google stores a hash of your password. You can convert a password (or fingerprint) into a hash, which is how they verify you have the correct password, but it is impossible to convert a hash into a password (theoretically it is possible, but it would take a super long time even with every single computer and supercomputer on the planet working on a single hash). So your phone has a hash to be able to verify you used the correct fingerprint, but it has no access whatsoever to your fingerprint.

        1 vote
        1. Catt
          Link Parent
          Just make sure you're not using a glossy phone cover :p

          Nobody has access to your fingerprint except your finger.

          Just make sure you're not using a glossy phone cover :p

          2 votes
        2. Pilgrim
          Link Parent
          Thanks! I trust Apple and Samsung to design that correctly, so I may move to that :)

          Thanks! I trust Apple and Samsung to design that correctly, so I may move to that :)

          1 vote
  26. emacsomancer
    Link
    Because it has at least some sensitive information in terms of email and being my 2FA device. But I'd never user fingerprint or face unlock (at least not except in conjunction with an actual...

    Because it has at least some sensitive information in terms of email and being my 2FA device. But I'd never user fingerprint or face unlock (at least not except in conjunction with an actual passcode/passphrase).

    1 vote
  27. floppy
    Link
    Why would I not lock my phone? I don't want someone who gets their hands on it to be able to look through all my messages and porn.

    Why would I not lock my phone? I don't want someone who gets their hands on it to be able to look through all my messages and porn.