Recently I am really focused on my habits. I try to weed out bad ones, and at the same time introduce and nurture good ones. I learned the theory reading first Charles Duhigg’s – The power of habit and later James Clear’s – Atomic Habits (by the way, I recommend both books to everyone!), and right now I am putting their tips and rules to practice – all the way from taking daily walks early in the morning, to spending less time with smartphone and tablet when with my family.
I also started thinking about putting their theory into practice in the mobile security world. So what are the most beneficial security habits one can develop when using a smartphone? Some of my initial thoughts are:
1. Locking the phone every time we put it away.
It is important to first of all set up not-so-obvious passcode on your phone (6 digits are a bare minimum), but once this is done start clicking the power button every time you stop checking your phone and either put it on your desk or into your pocket. If you do not do it your device is not password protected for quite some time afterward. To understand how someone could take advantage of this, imagine just setting the phone on the bar and going to the restroom for only 90 seconds – what info can you get from an unprotected phone in 90 seconds – believe me – a lot!
2. Making the habit effortless
James Clear defined 4 laws of habits, which allow those habits to stick. The 3rd law is – ‘Make it easy’. When it comes to passwords on the phone, making it easy means enabling Face ID or fingerprint scanning. Regardless of what you might read sometimes – they are secure enough and make unlocking your phone extremely easy. There are no excuses to not using them on your device.
3. Using a password manager
While it might be difficult for the phone’s passcode, use a password manager everywhere else! (OK – I know this does not concern your phone – nevertheless, it is a very good habit) For the password to really make sense it not only needs to be complicated enough but also unique. Reusing the same good passwords on many websites and services makes this password really dangerous. Using a password manager (there’s plenty of free decent ones out there) makes choosing a great password for every service and website really easy, and you can also easily use it on your mobile phone. Even though it is more challenging to create a complex enough password to unlock your phone (password manager will not really help here), choose a relatively complex passphrase (one you can remember though!) – once you’ve set up your fingerprint unlock or Face ID you will not need to type it in too often.
I am actually considering looking into security habits more deeply – starting with creating how-to’s about introducing some security habits into life (based on methods of Atomic Habits). What do you think about such advice? Which habits do you think are most important from the data security perspective?