Below is an over-thought, overanalyzed look at TouchID and trying to incorporate it into a slightly more secure method than maybe even Apple recommends.
The Backstory
I have been using my 5S for a couple weeks now, and finally took the plunge and activated TouchID. I really don't know why or what, but something was holding me back from enabling it. Was it the reports of it being compromised, or some worry that my valuable fingerprint would be uploaded to the cloud?
Well I still don't know, but that quiet voice inside me finally stopped saying no, finally allowing me to look closely at how I could use this feature.
I have always used complex passcodes, and had the data erase option enabled on my iPhones. Just like the greasy swipes on Android phones, I found the greasy dots left on most iPhones to be an easy way to help guess most of my friends' simple passcodes. Perhaps hearing stories about fingerprints being lifted and used from iPhones reminded me of the old oily fingerprints that helped me figure out simple passcodes, in turn stopping me from adopting TouchID.
My use of TouchID
Not wanting to let a nice little feature on my iPhone go to waste, I decided to take a closer look at how I could incorporate TouchID into my daily workflow, while also keeping it slightly more secure than the average user.
Taking to heart some great security tips I have learned over the years, I attempted to apply those to my iOS use of TouchID.
- More convenient usually means less secure
- Think of each key as an additional hole in security
- Avoid common passwords
- Avoid leaving keys in the open, or easy to access
So you may be saying, how can I apply those tips to a fingerprint scanner? Well I actually spent some time analyzing how I use my phone personally. Completely divulging how much of a Nerd I am, I even went as far as recording myself doing some simple daily actions with my phone, to see how I hold and use my devices.
After my (quite boring) time viewing what were essentially long selfies, I came up with some slightly more secure ways to use TouchID in my daily workflow.
My TouchID Tips

1- Use only a single Fingerprint.
This goes into the first rule of security I have learned over the years. Since you always have a passcode as a backup, the fewer fingerprints you have registered, the less likely someone will be able to successfully lift the exact print you are using to unlock your phone.

2- Make your single fingerprint a finger that you are least likely to use on your touchscreen or for holding your device.
This tip helps resolve both convenience and avoiding common passwords. Your habits or friends may be different; however, most of my 5s-owning friends use either their thumb or index finger to unlock their phones. And while each person's fingerprint will be different, I still like to consider the index finger and thumb common "TouchID" passwords for average users.

3- Use only a portion of your fingerprint
In addition to #2, make the portion of your chosen finger one that has little chance of being used on your device for touch control or holding your phone. A good example of this is the extreme side of your chosen finger.

4- Purchase a case which is not prone to collecting fingerprints
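While I like to run my phone Naked™ as a rule, one who is extra cautious could go the extra step of purchasing a case that won't easily collect and display fingerprints. A great option from Apple would be their new leather cases for the 5s (at least the brown leather copy I own (yes I caved and got one)). For those that are paying attention, this helps reduce the amount of keys (or fingerprints) I am leaving in the open for people to reverse into a way of accessing my phone.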

5- Adopt the touch and slide method
Clearly, whatever portion of your finger you decide to use for TouchID will leave a clear fingerprint on the sensor. Getting in the habit of sliding your finger off the sensor (and device) after the phone unlocks helps prevent a clear fingerprint from staying behind.

6- Use Complex Passwords
With the addition of TouchID, the need for typing a passcode into your iPhone is greatly reduced. Why make it easy for people to get in with a simple 4-digit PIN if they don't have access to your fingerprint?
Despite working in IT, I don't consider myself a security expert, and am open to adding further suggestions from those that are.