We already knew that hackers targeted us on our desktops, but, in the aftermath of the News of the World phone-hacking scandal, we’ve entered a new frontier in hackery.
However, there is good news: Because today’s smartphones so closely resemble computers, a lot of the best practices for the desktop apply to your Android or iPhone. Here are five easy ways to keep your mobile data safe and secure.
1. Set a password.
Take out your phone. Swipe to unlock it. If that’s all it takes to get in, you’re at risk. Sure, it’s quicker to skip the passcode, but setting a lock on your phone is an easy way to protect your device—and your data—from prying eyes. It’s also an easy compromise: Entering a passcode takes precisely two seconds, and those extra seconds will protect you in case of a barstool incident. The next step, of course, is to ratchet up password security throughout your phone. If an application that accesses sensitive data requires a password, entering it manually gives you one more firewall between your mobile identity and everyone else.
2. Make it strong.
We’ve covered a number of ways you can get the most out of your desktop passwords; the same basic rules apply on your phone. Avoid words you can find in the dictionary and try not to use numbers or letters in the order they appear on your keyboard (e.g. “12345” or “qwerty”). If it’s personal, it’s not powerful: Don’t use friend, relative, or pet names, dates of import (birthday or anniversary), or cities or sports teams. If you have a riff on any of the following terms, change it now: “god,” “money,” “love,” “monkey,” “letmein,” or “password.” Lingering doubts? Check the strength of your password.
When it comes to the four-digit passcode in particular, here’s a counterintuitive tip: Repeat one of the numbers. Because there will only be tap prints on three buttons, your security is (much) improved because a hacker would have to either guess the non-existent fourth number or locate the three independent numbers and pursue them in all their possible permutations. For the game theory behind the tip, check out Mind Your Decisions.
3. Change it regularly.
As with fashion, there’s a password for every season. A good rule of thumb is to change your passwords every time you buy a new pair of socks. Be sure to diversify your passwords, also: You have different accounts, so why not different passwords? This way if one account gets hacked, the rest stay secure.
4. Require a voicemail PIN.
If there’s one thing that’s clear from the News of the World hack, it’s that potential intruders still care about voicemail. While mobile operators may not authenticate caller ID, changing your phone settings to require a PIN when checking your voicemail will put a barrier between you and a Caller ID Spoofer.
5. Stay current.
In the case of both the iPhone tracking and DroidDream nightmares, mobile OS vulnerabilities were discovered and exploited. In the aftermath, however, both Apple and Google released patches through OS updates that plugged the holes. Protecting yourself is as easy as staying current. Sometimes this is easier said than done: Because manufacturers skin Android devices, not all updates roll out concurrently; however, once you do receive an upgrade notification, install it immediately—in addition to new features, you’ll ensure security. And now that iOS will support over-the-air updates, iPhone customers have no excuse to shirk OS updates.