The first step to recovery, they say, is to admit that you have a problem. So the ability to admit that everyone in my household has an unhealthy addiction to our Apple iPhones would seem to be a step in the right direction.
Unfortunately, the iPhone addiction is making my family, and all of our iPhone addicted friends (of which there are a lot!), make choices that are unhealthy for our privacy and security.
The brilliant design and general ease of use of the iPhone are attracting many “crackberry” users, and fans of other fun mobile devices – what folks in the substance abuse world call “gateway” drugs. My previous addiction was the Nokia E61i and a Blackberry before that, and even then I was already showing signs of the growing problem of unsafe behavior.
The signs were there with those other devices, but as the iPhone addiction has swept through my home, it’s become clear to me: as more functions, capabilities and data repositories move out into the “cloud” where they can be accessed by clever devices like iPhones, the need for drop-dead easy authentication is even more pressing.
What brought it home to me was watching as the three bipeds in our home (as soon as our cats evolve thumbs I’m sure they’ll be demanding their own iPhones too) constantly scrambling to create passwords that are iPhone keyboard friendly, rather than being driven by strong security.
Even when good security measures are enforced by well-meaning IT staff, it seems to make the problem worse. For example, two members of my household work for a company that enforces very rigorous security policies across all their networks and devices – including iPhones.
Part of the protocols requires long and complex passwords that change frequently in order to access the devices. In theory this is an excellent security measure. In practice, however, it’s a major pain in the butt.
Or should I say, pain in the fingertips.
One of the prices of using an iPhone is having to cope with its miserable on-screen keyboard, with its skinny virtual keys that are about half the size of most adult fingers. And its layers of keyboards for numbers and special characters turn a chore into a true nightmare.
As if that weren’t enough, the rigorous security settings make that nightmare recur every time the screen times out… which is quite frequently if you’re trying to conserve the abysmal iPhone battery life by making the backlight turn off more quickly. (See, like many drugs, the glamour belies some dirty day-to-day realities of addiction!)
This need for ever-changing lengthy passwords full of additional keystrokes for numbers and special characters has driven my family to abandon meaningful passwords in favor of things that make pretty patterns and hug the edges of the keyboard where fat-fingering multiple keys is a little bit harder.
While a password like ‘mlpqaz.01’ might look fairly secure in the abstract, the reality is that it’s far easier to casually snoop such a password by seeing how it follows a visual pattern.
Even though my company doesn’t extend such strict policies to my iPhone, I too have found myself trying to choose passwords for various websites and applications based upon user interface issues rather than security best practices.
This is exacerbated by the fact that there seems to be no automatic form-filling function in the Safari browser that ships on the iPhone. Thus, every time I log into a website, I am faced with the task of typing out the full username and password, especially when session cookies expire or are purged. (I’m looking at you, Facebook!)
This limitation once again seems to be forcing my family and many of our iPhone addicted friends to adopt usernames and passwords that are chosen for their ease of typing rather than the level of security they provide.
My awareness of the need for easier and simpler means of authentication was further reinforced as I took a new job and was recently required to turn in my old company-issued laptop. The old IBM ThinkPad was slow, clunky, and heavy, but the thing I loved most about it was the built-in fingerprint scanner that allowed me to log on to various things biometrically.
By building the scanner into the laptop, and by making it so simple to configure yet so powerful that it could interface with the security features of other applications, I came to rely on my fingerprint instead of the pressure of constructing and remembering ever more complicated passwords. I could choose passwords that were less “user friendly” precisely because, as long as I could give the finger to my computer, I could get logged on without fear of snooping or pattern guessing.
Sure, it would be nice if Apple could improve the keyboard on the iPhone in order to make it easier and faster to type things like passwords. But the real “killer app” for Apple’s frustratingly loveable device will be to make it a smarter and more capable authentication device.
Until then, I will continue searching for a way to make my fingers slimmer and daintier. Meanwhile, does anyone know if Jenny Craig’s program works on thumbs?