On the go and no time to finish that story right now? Your News is the place for you to save content to read later from any device. Register with us and content you save will appear here so you can access them to read later.
One consequence of the Apple vs FBI drama has been to shine a spotlight on the security of smartphone lockscreens.
The fact that the FBI managed to hack the iPhone of the San Bernardino shooter without Apple's help raises questions about whether PIN codes and swipe patterns are as secure as we think.
In fact, they're probably not as secure as we'd hope. No device as complex as a smartphone or tablet is ever completely secure, but device manufactures and developers are still doing their best to keep your data safe.
The first line of defence is your lockscreen, typically protected by a PIN code or password.
When it comes to smartphones, the humble four-digit PIN code is the most popular choice. Unfortunately, even ignoring terrible PIN combinations such as "1234", "1111" or "7777", four-digit PIN codes are still incredibly weak, since there are only 10,000 unique possible PINs.
If you lose your device, and there are no other protections, it would only take a couple of days for someone to find the correct PIN through brute force (i.e. attempting every combination of four-digit PIN).
A random six-digit PIN will afford you better security, given that there are a million possible combinations. However, with a weak PIN and a bit of time and luck, it's still possible for someone to bypass this using something like Rubber Ducky, a tool designed to try every PIN combination without triggering other security mechanisms.
Checks and balances
Fortunately, there other safeguards in place. On iPhones and iPads, for instance, there is a forced delay of 80 milliseconds between PIN or password attempts.
And after 10 incorrect attempts, the device will either time-out for increasing periods of time, lock out completely, or potentially delete all data permanently, depending on your settings.