You need a password on your phone. Now, let me explain why.
If you’re like me, you probably have a smartphone with all sorts of communications apps on it. I sync most of my email accounts to my phone, along with my Facebook messenger, Twitter, WordPress, Amazon, and even my bank’s mobile app. I don’t just have these things on my phone, I use them all the time. I use my Amazon app to receive push notifications for package shipments, messenger app to keep on touch with people, Twitter for obvious reasons, and bank app so I can check my balance on the go. I also have an app for a forum where I am a moderator (an app which I am continuously logged into). Oh, and I’m writing this paragraph with the WordPress app. There are a couple other apps which I use for personal purposes which I won’t mention, but one of them does contain sensitive information about myself that could prove embarrassing at best and disastrous at worst if it were seen by another person. Oh, and my phone is chocked full of pictures containing personal information like my face, my car’s license plate, the inside of my apartment, etc.
What would happen if I lost my phone?
Suppose a random stranger were to pick up my phone. At this point, the odds of me getting it back are fairly slim. There are some kindhearted people out there who will contact you (probably using your messenger app) to let you know they found your phone. However, I can’t simply rely on the kindness of others, and neither should you. Even if somebody did return your phone, you’d still want to change all of your passwords to anything linked to your phone, even websites you visit in your browser app. There’s no knowing what they may have accessed, but the security of anything they would have had access to by having your phone has just been compromised and your passwords should all be changed. Now let’s look at what could easily happen if someone with slightly-more-ill intent were to pick up my phone and discover that I didn’t have it locked with a password.
Like you, I have my apps grouped together on my home screen. One of those groups I wittily labeled “buy stuff”, and it contains two apps: Walmart and Amazon. The Walmart app I am not concerned about because I would never trust Walmart to store my credit card information in the first place, especially when I can just drive across town for something. Amazon, however, does have my credit card information and, unlike the official website, the app does not prompt the user to re-enter their password prior to checking out. This means somebody could go on my Amazon app, fill a cart with whatever they wanted, enter their own custom shipping address (though this could easily be used to track the culprit later, it would still be a huge hassle for me) and check out using my debit card which I have stored with Amazon. Oh, and with how easy Amazon is to use, they could empty my bank account in a matter of minutes. The other app that would allow access to my financial information would be my bank app. Although it does require a password for each use, it still bypasses two other layers of security that a person would normally have to go through using the website: the username and security questions. Not very safe.
Now let’s move onto the social aspect of things.
I don’t have the Facebook app in my phone, and don’t have my browser store my Facebook password for whenever I want to use the mobile site (which, by the way, tends to be faster than the app), so that’s one less thing I’d have to worry about if someone else had my phone. However, I do still have the messenger app, which would allow them to talk to anyone in my contacts. While I don’t tend to wrap my identity around my reputation, a malicious stranger could easily ruin your reputation by reading your conversations with people to learn how you tend to communicate in writing, and then spoofing hateful messages to them. Talk about damage control. If you do have the Facebook app, they could easily post those embarrassing photos of yourself that you have stored in your phone. They could do the same with your Twitter, Instagram, Snapchat, etc. They could publish certain blog posts that I’ve chosen to leave in draft. Oh, and did I mention how I’m a forum moderator and have the forum’s mobile app on my phone? If a malicious person went into this app, they could gain access to moderator menus that could allow them to do some damage to the forum (deleting threads, moving things around, etc.)
But the issue goes deeper.
I’m talking about your email. If you have your email linked to your phone, someone could easily use this to change the passwords to most everything else you have linked to your phone, and thus completely hijack all of those accounts. Suppose, in my case, they used it to change the passwords to my bank, Amazon, Facebook, WordPress, Soundcloud, Forum, and Twitter? Now suppose they go ahead and change the passwords to my email accounts? Since most everything I do happens electronically, they would have effectually just hijacked my life, and I would have little to no way of actually gaining it back. But wait, I have two-step verification! Oh wait, they have my phone, so they can get around that now too. And if they changed my email passwords, they could go into a regular browser, sign in as me, and have all of my bookmarks and websites load into their computer. It would even give them access to my student portal and student email. And yes, somebody can ruin your academic reputation this way, should they so choose. Of course, there still remains the things that phones do even without apps: calls and text messages. Let me ask, how often do you clear your call logs? If you answered, “never,” don’t worry, you’re standing in line with millions of other people who could easily have someone go through and find out who they’ve talked to.
Okay, okay, but nobody’s really going to do all that, are they?
The simple answer is this: if it’s possible, somebody will do it. Perhaps not everybody, but certainly somebody. And this is a reality that must be understood: if you fail to protect your phone, you are opening yourself up to a world of grief.
Fortunately, protecting your phone is incredibly simple.
A PIN, a Password, or even (I wouldn’t recommend this) a Pattern are all ways of keeping your phone safe from a random stranger picking it up and immediately hijacking your life. So which one is the safest? A password will always be the most secure way to protect your phone from access. A PIN is also safe, depending on how many digits you use. A pattern is not nearly as secure, because somebody could possibly just look at your finger streaks across the surface of the phone and analyze it to figure it out, and there are far less possibilities for what a pattern could be when compared to PINs and passwords.
My recommendation? Use a PIN. Why? Well, they’re easier to type in than passwords, and if you’re creative, it can still be secure. Think of a word or phrase. Now type that in with the numbers (referring to the letters below them) and make that your PIN. It may not stop a determined hacker (though a determined hacker could just, you know, hack their way past your security), but it’ll stop that random stranger who picks up your phone from stealing your identity and making your life miserable.