Stop the lock screen re­veal­ing se­crets

Con­ve­nience can also leak per­sonal se­crets to any­one who can touch your iOS de­vice. Glenn Fleish­man re­ports

iPad&iPhone user - - CONTENTS -

ATwit­ter user re­counted a fa­mil­iar story of a lost iPhone that res­onated with a lot of peo­ple re­cently. The per­son be­hind @afro­nomics_ said she found an­other woman’s phone in the bath­room. She noted:

“I asked Siri what’s my name. It pulled up her info. Cool. I asked Siri who do I call most. Pulled up her re­cent calls. Cool.”

The thread is good read­ing ( (The ac­count owner uses colourful lan­guage and may be in­ap­pro­pri­ate to pe­ruse at a work­place.)

We tested the list of things she noted, and we had slightly dif­fer­ent re­sults, but no less con­cern­ing. Siri re­quired that we un­lock our phone when we asked, “Where do I live?” but when we said, “Di­rec­tions to my home,” iOS pro­vided those without a beat. When we asked our wife’s and chil­dren’s names, we were told to un­lock, but our most re­cent call came up without reser­va­tion, as well as telling me my name when we asked.

We hadn’t re­cently noted where we parked our car, but ap­par­ently that’s within the scope of re­sults, too. And that’s be­fore swip­ing down to see the To­day view and no­ti­fi­ca­tions, which we have en­abled on the lock screen.

Lock­ing down

It’s per­fectly rea­son­able to want con­ve­nient ac­cess to a num­ber of fea­tures without hav­ing to un­lock your phone, even when that’s rel­a­tively easy with Touch ID. The lock screen fea­tures are more about pulling them up quickly than se­cur­ing all your pri­vate data.

But as the per­son who left their phone in the bath­room found, it’s very easy to mine a lot of data and fast. This is also true in school and work en­vi­ron­ments, or even in ones where you’re deal­ing with sib­lings, or when you’re the adult child of in­va­sive par­ents.

Al­though Ap­ple gen­er­ally po­si­tions it­self rightly as pri­vacy con­scious vis-à-vis the in­for­ma­tion about your­self that it al­lows it­self and oth­ers to see,

there’s no one-stop-shop for di­al­ing up or down what ap­pears on the lock screen. You have to visit sev­eral places in Set­tings:

Touch ID & Pass­code Con­trol Cen­ter No­ti­fi­ca­tions

Touch ID & Pass­code al­lows ac­cess to ma­jor fea­tures, and all the op­tions are en­abled by de­fault. You can turn them off un­der Al­low Ac­cess When Locked:

To­day View: The sum­mary of what’s go­ing on in your day plus wid­gets. (Some wid­gets show lim­ited in­for­ma­tion while locked, such as Ac­tiv­ity and Find My Friends.)

No­ti­fi­ca­tions View: The swipe-down view that’s a swipe left from To­day View, which re­veals the his­tory of no­ti­fi­ca­tions. You can keep no­ti­fi­ca­tions ac­tive and ad­just how much in­for­ma­tion is dis­played, how­ever, as dis­cussed be­low.

Siri: This won’t re­spond to ev­ery­thing, but does give away a lot. Dis­abling Siri in this fash­ion pre­vents the “Hey, Siri” op­tion from work­ing while locked.

Re­ply with Mes­sage: This lets you re­spond to an in­com­ing mes­sage from the lock screen. Home Con­trol: For HomeKit-con­nected de­vices. Wal­let: This al­lows the use of stored cards. You still need Touch ID to pay with Ap­ple Pay, but other items in the Wal­let are freely avail­able with a dou­ble-click of the Home but­ton, such as store­affin­ity cards. Some­one with your phone could pay with your Star­bucks card, for in­stance.

If you dis­able Siri, it also turns off Voice Dial, a fea­ture that lets you call some­one by name or by speak­ing a num­ber. How­ever, you can keep Siri on and turn off Voice Dial through a switch just above the Al­low Ac­cess When Locked area.

Turn­ing off Wal­let on the lock screen pre­vents you from ac­cess­ing cards, but still al­lows pay­ments. You can also dis­able this via Set­tings > Wal­let & Ap­ple Pay. With Wal­let dis­abled on the lock screen, you could put the Wal­let app on your home screen or in your menu bar, so that when you un­lock your phone it’s just a tap away.

No­ti­fi­ca­tions can re­veal vary­ing amounts of in­for­ma­tion. As a gen­eral set­ting for each app with no­ti­fi­ca­tions en­abled, you can go to Set­tings > No­ti­fi­ca­tions > app name and tap Show on Lock Screen to off. Mail and a few other apps of­fer de­tailed pre­views on the lock screen, which can re­veal too much. Mail of­fers a few dif­fer­ent set­tings by cat­e­gory; here are the steps for switch­ing off pre­views for senders you’ve marked as VIPs:

Open Set­tings > No­ti­fi­ca­tions > Mail Tap VIP

Un­der Mail Op­tions, tap Show Pre­views Se­lect When Un­locked

Fi­nally, Con­trol Cen­ter has its own Ac­cess on Lock Screen set­ting. It’s use­ful, but it can also let some­one play back your au­dio, change out­put de­vices, and po­ten­tially see more about you.

While you’re at, im­prove your pass­code

Since we’re talk­ing about un­wanted or un­in­ten­tional phys­i­cal ac­cess to your phone, you should im­prove your pass­code. A col­league told us last year about vis­it­ing home and turn­ing around to see her teenage sister tap­ping away on her lock screen and guess­ing her four-digit pass­code, which was not ob­vi­ous. She sus­pected her sister might have seen enough of her un­lock­ing the phone to guess the full num­ber.

Se­cu­rity re­searchers say even the six-digit code Ap­ple em­pha­sizes now isn’t enough. Gen­er­ate a short mem­o­rable phrase of words un­likely to ap­pear to­gether. If you’re us­ing Touch ID, you don’t have to en­ter that passphrase of­ten, but it’ll avoid the lit­tle sister and the ca­sual snooper prob­lem.

And since an up­date in iOS 9, you’ll keep your passphrase more in mind, be­cause iOS re­quires that af­ter six days in which you haven’t en­tered your passphrase, you’re prompted to re-en­ter it af­ter not us­ing Touch ID for eight hours. This keeps you on your dig­i­tal toes.

You may choose to avoid all this ad­vice, but now you know what you might be ex­pos­ing the next time (if ever) some­one you don’t in­tend has your phone in hand.

While en­abled by de­fault, you might choose to not al­low all these op­tions to work when your iOS de­vice is locked

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.