I mean like, after I type a password on a computer, I’d rub my fingers across the entire keyboard to make sure any fingerprints/oil-residues gets evenly distributed so its harder to know the password. Same with phone unlock codes, I just use my fingers to rub against the part of the screen where the virtual keyboard was displayed.
Am I being weird? I’ve had this habit since the first time I got my first digital electronics.
Is everyone here paranoid?
glances at c/privacy
Yes
IT guy here.
Nope, my phone uses facial recognition to unlock, and my computer passwords are wither random letters and numbers or a full passphrase, both of which use multiples of the same letter and different capitalizations.
Example:
Random string, similar to passwords I have used in the past:
“r82ZwQqDW”
Looking at a keyboard where you could see all characters used it would look like this:
dqrwz28 + shift
Figuring out the password above from these letter by logic is basically impossible, so they have to brute force it, only they don’t know the length of the password, which uses more time.
Passphrases are even better, using something like:
CreepySmilingHorseSnortsLead2016!
Just look at all of the reused letters!
No way someone would guess that the characters acedghilmnoprsty0126 + shift would spell the password above.
Lmao
This, 1000% this.
If looking at finger prints worked, it would legit be a way lower risk, cleaner way of stealing people’s information than kidnapping. It’s not at all comparable to over-the-top key size.
Nope. Don’t you type on your keyboard anyway. Like right now I just worte a whole bunch of different letters. I don’t think I put in my password so often it stands out. Same with the phone. My fingers already go all over it. I mean icons are way over one screens worth. Its not like the movied door code thing where the only input it ever gets is the code.
No, I lick the entire keypad/keyboard after entering my pass/pin to ensure my DNA is on all keys. This is the only true path to security.
I’ve never heard of that being used to steal a password—for one thing, it wouldn’t reveal the order in which you pressed the keys, so it would still leave n! possibilities (24 possibilities for a 4-digit pin, or 40,320 for an 8-letter password). And in any case, if someone were to examine the keys afterward, it’s more likely they could see which keys you wiped if you just wiped the ones you used (and if you wiped all of them, it would make it easier to steal the password of the next user).
The bigger thing to worry about is a hidden camera recording your key presses—and to counter that, I position my fingers over all the keys I’ll use and then move all my fingers with each press, so it’s harder to see which key was key was actually pressed.
I think the concern is overblown. The time it would take to try possible combinations would look very suspicious, at least at the ATMs which are embedded into actual banks in my area.
With that said, I pretend to press a few random keys whenever I use my debit card pin.
Keylogging says hi 👋
The only case I would imagine someone trying to guess/brute force the PIN using fingerprints is some sort of state level actor trying to gain access, e.g. during a search warrant
Yes you are being weird. Why do you think anyone will bother getting physical access to your device?
Money?
There’s less of a risk with something hard to separate a person from like a phone, but a payment terminal is a massive target.
You are ignoring the other layers of your security.
They have to have the card you are using and you can cancel any suspicious charges you see.
Sure, but fraud still happens. You asked why anyone would bother.
Maybe a question for therapy.
Therapy would say “If you have nothing to hide, you have nothing to fear” while writing the notes on their WINDOWS Computer with Copilot Enabled. Btw my country is fascist, the more notes that get on their system is more tools to suppress dissent especially for a non-white person like me living in a white-majority country.
See: https://en.wikipedia.org/wiki/Political_abuse_of_psychiatry
I think you’re quite paranoid. You asked the community’s opinion so I gave mine
Eh, therapists are not cybersecurity experts. They have no way of knowing if this is reasonable or not. Just strategies for if it is emotional.
When people say shit like this, I wonder if they’ve ever been.
If you are a regular-ass person using their normal phone/computer, and have no reason to suspect someone is trying to hack you, then this is some extremely paranoid behavior.
deleted by creator
Are you one? If not, you don’t get to put words in their mouth. Like, I’ve been to therapy and I know how it goes, but I wouldn’t diagnose by proxy like that.
Just like medical doctors, the things that actually concern them can be surprising.
deleted by creator
It’s an insult, you were just calling OP crazy.
That’s okay for you to think. I don’t love that an actually helpful profession is smeared in the process, though.
deleted by creator
The numbers on my lock screen randomize their locations, so even if you saw my finger movements and grease pattern, you couldn’t guess the code.
GOS! I was going to say the same thing
On your phone? Need an app for that?
It’s a feature in GrapheneOS
My screen has a matte foil on it.
Hard enough to see any fingerprint.I saw a video once about how people could use thermal imaging to see what (metal) keys you pressed on an ATM, so usually I’ll rest my entire hand on the keypad for a second when I’m done
No. If you’ve used it to input literally anything else you’ve already obfuscated the password (typing on keyboard, using apps on phone). Besides that, there is no telling the length, number of repeated characters, or shift combined (capital letters, symbols) involved just by looking at finger prints on a keyboard.
Two factor authentication and other layered security is low effort and more effective. If you’re worried about a PIN for debit cards the greater concern is skimmers, common at gas stations and atms. The best preventative here is to become familiar with checking for those and minimizing how much money is in your debit account - keep it in savings, use a credit card instead where able.
I do clean my phone screen and keyboards occasionally just because they can get gross.
I do that at the ATM and I also double-check for scanners on the bank card input.
My phone unlock is a cluster fuck so I’m not worried about anyone who tries it. Scarier is that there’s ways to bypass it, so if it gets stolen I’m kinda fucked.
I don’t wipe the keypad off but I do pull on the card slot just in case there’s a card reader, especially in bigger or new cities.
I’m a big city boi so that tracks.
if it gets stolen I’m kinda fucked.
Thats what you get for being worth something. If my phone gets stolen all that’ll happen is the debt collection agencies will see that “I” have moved to China.
When using a public PIN pad, I cover the whole thing with my other hand and make fake button presses in between the real ones.
