Passwords. I personally hate them. Typing in a combination of letters, numbers, and very possibly symbols to access software, hardware, or accounts to secure you against nefarious individuals or groups is right up there with other time wasting chores like waiting for a driver to vacate their parking spot or waiting for your carrier to release an update to your phone that everyone else seems to have (I'm looking at you, Fido).
Not that Fido
My iPhone was protected by a simple four digit password which my son was able to figure out. Newer iPhones use a fingerprint which I've heard was bypassed by other people's children. A friend of mine has an Android. His password took me three tries before I discovered what his password was. And now, according to the smart folks at Syracuse University, using a smart phone in public can be defeated by what is called spatio-temporal dynamics.
Spatio-temporal dynamics is a cool sounding phrase which involves artificial intelligence calculating the distance and relationship of objects. Unfortunately for smart phone users, it means that it can guess with alarming accuracy what your password on your phone is (ten guesses averages a success rate of 94%). Now I'm sure that your average smart phone user won't have this happen to them, but what about politicians? What about government officials? Diplomats? Captains of industry? Simple four digit passwords or even swiping your digits across a screen in a pre determined way are easily defeated in more ways than using a camcorder and spatio-temporal dynamics. For example:
- Malware on your phone. Key loggers can take your movements across the screen on your mobile device and easily decode your password. Of course, you'd need to download it on your phone first. I've never knew a person that downloaded one on purpose. Usually it's attached to a free piece of software. But the Chinese version of Flappy Bird was totally worth it, right?
- Connecting to a computer. Speaking of key loggers, the granddaddy of downloading free crapware is still the PC. Go ahead, open that email from Africa that claims that you may have already won the jackpot to a lottery that you never even entered. Create a back-door for villains to access your computer. I mean, honestly. Life savings are totally overrated anyway.
- Shoulder-surfers. Ah, transit. Not only do you have to worry about someone stealing your wallet or rubbing against you, you have to enter your password to play that Chinese rip-off of Flappy Birds sometime, right? It might as well be beside total strangers watching you enter your password. And seeing that tethers on phones are so last century, that person can simply pry it from your hands at the next stop.
- Smudged fingerprints. I'm constantly cleaning my glass stove top and my stainless steel appliances. If I miss a day cleaning those things it's no big deal. Not so on mobile devices. Clean the screen on your phone then enter your password. Go ahead, I'll wait. Now type or swipe your password. Now turn off your screen. Dollars to donuts you will probably see smudges. The same smudges that can be used to hack into your phone. Sure, if you are going to play the counterfeit version of Flappy Bird after typing or swiping your pass code there will be more smudges, but what if it was just to check if there was a message?
- Emails. Again, back to emails. Emails aren't places to save your passwords. Yet people still use that semi secured place to store passwords and more. Sure, it's convenient, but definitely not secure. Ask Sony Pictures Entertainment. I'm sure that they will tell you the same thing.
Surely there must be a better, more secure way to enter a password. After all, we've had to do it for years now. You'd think that a manufacturer would come up with a better mousetrap by now.
When I finally received BlackBerry 10 OS version 10.2.1 for my Q10 I was finally allowed to use Picture Password, BlackBerry's answer to a better mousetrap. For those of you who haven't seen it, it is a static picture of your choosing with a dynamic overlay of random numbers where you move your chosen single number to a spot on the screen that you previously chose. It is simple to set up and even easier to use.
The first day that I started using it I left my BlackBerry around the house and in the office, protected by Picture Password. On more than one occasion I picked it up after someone tried, unsuccessfully, to guess my password five times. I even showed my password to co-workers, friends, and family how to unlock my phone and handed it back to them. Not one person could unlock my phone.
The true beauty of Picture Password is that you have five chances to enter your Picture Password. If you had too much to drink or your toddler grabbed your BlackBerry it will, after the fifth attempt, ask you to enter the word, "blackberry." Thankfully toddlers and drunks have issues with spelling so it won't delete all your data on the phone. Once you correctly enter "blackberry" it brings you to a new screen where you need to type in your password. Without that password not even HYDRA can access your phone.
Sorry Red Skull. No Candy Crush for you.
Here's a free tip for when creating a password for your BlackBerry. Don't forget it. After ten tries your BlackBerry will delete everything on the phone. Don't try to turn it off and on again, hoping that it goes back to the first try. It won't happen. I've seen my BlackBerry at nine tries out of ten. I'm sure that someone was watching me sweat as I entered my password.
You can read more tips & tricks regarding using Picture Password on the Inside BlackBerry blog.