this post was submitted on 11 Jun 2024
208 points (97.7% liked)

Asklemmy

43808 readers
784 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago
MODERATORS
 

Give us the cheat codes to your industry/place of work!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 45 points 5 months ago* (last edited 5 months ago) (18 children)

I work in information security.

Don't use biometrics to secure your devices. Biometrics are a convenience feature to make it easier to access your device. Biometrics are NOT security. You can be compelled to unlock your device by having it pointed at your face or your finger forced onto the reader. Don't do it.

Use 2FA/MFA everywhere you can. If it's an option, turn it on.

Use a password manager that generates strong passwords and use a different password for every service you use.

Update, update, update. Allow your devices, OSes, and software/applications to update automatically.

Talk to your parents about safe surfing. Tell them that their bank won't send them an email or text asking them to send personal information. Set a password with your family to identify them if they are in trouble and need help. Tell parents and grandparent not to send you bail money to get you out of jail in Morocco.

Teach your kids that everything they post on the internet is public and permanent. Teach them that if they do something that they think will get them in trouble and someone is blackmailing them that it's better to tell you and ask for help than to give in to the blackmailers.

[–] [email protected] 18 points 5 months ago* (last edited 5 months ago) (7 children)

Regarding biometrics, I’ve felt that one advantage is that if I’m in a public space, I don’t have to worry about someone watching me enter my password over my shoulder. If I got into a situation where someone is physically overpowering me to get my finger onto my device against my will, I’m probably going to give them whatever password they want so I don’t get a beat down.

[–] [email protected] 4 points 5 months ago* (last edited 4 months ago) (6 children)

That's a threat and risk assessment. You've decided you're willing to accept the risk of anyone being able to unlock your phone. For me, I'm not really worried about someone in the street strong arming me. I'm more worried about a state actor, border guard, police officer, etc demanding that I unlock my phone. They can physically compel you to unlock your phone by pointing it at your face or putting your finger on the pad but they cannot compel you to give them your password.

[–] [email protected] 5 points 5 months ago* (last edited 4 months ago) (1 children)

I’m probably preaching to the choir, but for those who don’t know, at least on an iPhone and I’m sure android has something similar, if you foresee the situation coming you can just hold the sleep/wake button for a few seconds (even while your phone is in your pocket) and it will require the passcode and not allow biometrics.

Edit: my memory, it’s the sleep/wake button and volume down. Similar to android as per the below.

[–] [email protected] 4 points 4 months ago

For android it's power+volume up to bring up the power options menu (shutdown, restart, etc) and there is a "lock down" option that disables biometric unlock.

Wish I could do it with one hand, but good to know it's there.

load more comments (4 replies)
load more comments (4 replies)
load more comments (14 replies)