is a 3 year old all that's between you and getting pwned?

Here’s some food for thought… Would you trust a 3 year old:

• …with access to your mortgage?
• …to keep your house secure?
• …with the security of your bank accounts?

Of course you wouldn’t.

Let me try another question then… Is your smartphone PIN access code the same as your:

• …phone banking password for your mortgage?
• …the alarm code on your front door?
• …your ATM PIN number?

I know kids who’ve been able to memorize PINs and unlock their parents iPhones since they were very young. If, like for the majority of people, that PIN is “the normal PIN that they use for everything” then they are effectively trusting the keys to their kingdom to the discretion of a 3 year old. To get that PIN all I need to do is ask, watch the child unlock the phone, or hand them a phone and see what they punch in. It’s not that big a stretch, and as smartphones and tablets proliferate into education and childcare I suspect this will become a more relevant concern.

Some tips…

1. Ideally, don’t reuse PINs AT ALL. Don’t have it so that all of the doors to your castle can be opened with the one key. That’s just unwise.
2. If your absolutely MUST reuse PINs, keep “low security” and “high security” PINs separate. Don’t give your kids the keys to your castle. (I can’t think of a legitimate reason to justify this, but I know it will happen regardless).
3. Don’t be paranoid, but be smart with the information you give you kids. The expression “like taking candy from a baby” exists for a reason.

Food for thought.