Should You Use a Fingerprint or a PIN to Lock Your Phone?
Whatsapp Pinterest
Advertisement

When you’re first setting up your phone, you may have the choice of unlocking it via fingerprint or a PIN code. Prints are unique to you, and it’s impossible for a hacker to guess what your fingers look like, but does that make fingerprints more secure than PIN codes?

Let’s compare the two and see which one is best for you.

When to Lock Using Fingerprint Phone Locks

Example of identification of fingerprint on a smartphone.
Image Credit: Julia_Tim/DepositPhotos

Fingerprint scanners are very popular on mobile phones right now. They feel secure and are convenient, but they’re not perfect.

The Benefits of Fingerprint Phone Locks

The most significant benefit of fingerprint scanners is how they can’t be leaked “over the shoulder.” Someone could quickly look at your phone as you enter your PIN and learn your code, but they can’t do the same with a fingerprint. As such, fingerprint phone locks are the best choice against prying eyes.

It’s also one of the quickest methods of authentication. If you’re always unlocking and locking your phone, entering PIN code can get annoying. Using a fingerprint scanner is the quicker and easier option for chronic phone-checkers.

Fingerprints are also fantastic for people with bad memories. Forgetting a PIN is annoying, but it’s impossible to misplace your fingers. This benefit means fewer lock-outs from your phone and less time spent trying to hack your way back in.

The Drawbacks of Fingerprint Phone Locks

It’s easy to believe that your fingerprint, being unique to you, would be uncrackable by anyone. However, several researchers and hackers have come up with ways to get around the fingerprint sensor 5 Ways Hackers Bypass Fingerprint Scanners (How to Protect Yourself) 5 Ways Hackers Bypass Fingerprint Scanners (How to Protect Yourself) Think your fingerprint reader makes your device safe and secure? Think again! Here are 5 ways fingerprint scanners can be hacked. Read More .

Back in 2013, Germany’s Chaos Computer Club took a high-resolution photo of a fingerprint from glass and used it to make a latex reproduction of the print that could fool the sensor.

It’s likely that other methods are out there that have been less well-publicized.

When to Lock Using PIN Codes

An example of entering a PIN code into a smartphone
Image Credit: appleboy/DepositPhotos

PIN codes aren’t as advanced as fingerprint scanners, but they’re present on every smartphone. They’ve withstood the test of time and maintained their position in smartphone security for a good reason.

The Benefits of PIN Codes

The benefits of PIN codes depends on the phone. For example, the iPhone at the center of the FBI/Apple spat (the one belonging to Syed Farook, one of the San Bernadino shooters), had a security feature enabled that erased the contents of the phone after 10 incorrect tries at the PIN.

If you have something like this on your phone, anyone trying to crack their way in would have to have some excellent guesses to make it work. If not, they’re out of luck unless they can hack it another way.

Also, unlike a fingerprint, PIN codes are changeable. If someone created a recreated model of your print, there’s not much you can do to protect yourself. As soon as a PIN code is compromised, you can set a new one and forget the old number.

The Drawbacks of PIN Codes

Without extra security features, cracking a PIN is only a matter of time. It could be a very long time, but with an infinite number of guesses, any person or computer would eventually get it.

There are only so many different four- or six-number PINs you can create. Pattern locks are stronger than PIN codes in this regard, but unfortunately, research showed that pattern codes aren’t very secure New Research Proves Android Unlock Patterns Suck New Research Proves Android Unlock Patterns Suck If you unlock your Android handset using a pattern, you should consider using a PIN code instead. Because new research shows that Android unlock patterns are really not secure. Read More .

Even with protection against a brute-force guessing attack, someone might be able to get in if they’re highly motivated. There was a hack for the iPhone which powered it off after an incorrect PIN entry, so the wrong-guess counter didn’t increase. This attack took advantage of an old bug, and wouldn’t work anymore, but it shows that no system is perfect.

The point is, however, that someone could conceivably guess your PIN, whereas no one can guess your fingerprint. If a thief stole a phone without brute-force PIN protection, they will eventually crack it; however, it’s not so clean cut if it’s locked with a fingerprint.

How Fingerprint Phone Locks Are Subject to Court Orders

Whether you choose a fingerprint or a PIN code (or even both) to protect your phone also depends on who you want to keep out of it.

If you don’t want a random stranger picking your phone up off of the table at a coffee shop and accessing it, either will work just fine, and a fingerprint might work better. Either method should keep prying eyes out while you go through the ways to find your lost or stolen phone 2 Easy Ways to Recover a Lost or Stolen Android Phone 2 Easy Ways to Recover a Lost or Stolen Android Phone These methods can help you find your lost or stolen Android phone or tablet. Read More .

But if you’re worried about government access to your phone, you might want to reconsider. Judges in the US have generally held that giving up a PIN or a password could be a violation of the Fifth Amendment, but fingerprints are not.

If your phone comes under court scrutiny, a judge could order you to unlock it with your fingerprint. If you want to limit knowledge of what you’re doing to the NSA and keep the local police department out, then locking your phone with a PIN is a good idea.

Of course, laws will differ depending on the country, but it’s likely that police forces and other governmental organizations would push for the right to unlock suspects’ phones with a court order, especially if put in a situation similar to the one the FBI found themselves in with Farook’s iPhone.

The Best Unlock Method for Smartphones

For the vast majority of people, a fingerprint will be the more secure way to go. Even with the 10-attempt erasure feature turned on, it’s possible—however unlikely—that someone could guess your PIN.

Without the 10-attempt erasure, your PIN is subject to brute-force attacks What Are Brute Force Attacks and How Can You Protect Yourself? What Are Brute Force Attacks and How Can You Protect Yourself? Yyou've probably heard the phrase "brute force attack." But what, exactly, does that mean? How does it work? And how can you protect yourself against it? Here's what you need to know. Read More which will eventually crack it. In comparison, it’s impossible to brute-force a fingerprint.

Even if you do decide to stick with a PIN, it’s highly unlikely you’ll suffer an attack. Breaking a PIN code can be long, arduous, and expensive, and many hackers may not bother unless you’re a high-profile citizen. As such, while fingerprints are safer, there’s nothing inherently wrong with using a PIN code.

If, however, you’re in the United States, and you’re worried about the government getting into your phone, you may want to stick with a PIN. If you’re an activist, journalist, or anyone else who might have sensitive contact information or communications on your phone, the law will be on your side if a member of law enforcement asks you to unlock it.

Fingerprints vs. PIN Codes: It’s Up to You

Fingerprints and PIN codes have their advantages and disadvantages. While prints are the more secure method for your phone, that doesn’t mean PIN codes are the smartphone equivalence to leaving the front door unlocked. Both are solid choices, and it comes down to what you want from your phone to decide which is best for you.

If you use an iPhone and decide to stick with the fingerprint, here are some apps that you can lock with Touch ID and Face ID 8 iPhone Apps You Can Lock With Touch ID or Face ID 8 iPhone Apps You Can Lock With Touch ID or Face ID Here are 8 iPhone apps, including WhatsApp and Dropbox, you can lock using Touch ID or Face ID for additional security. Read More .

Explore more about: Fingerprints, Lockscreen, Password, Smartphone Security.

Enjoyed this article? Stay informed by joining our newsletter!

Enter your Email

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Cheryl Smith
    June 1, 2019 at 7:06 pm

    My major problem with fingerprint id's is it they don't work for my fingers for any significant amount of time (that is more than a day or so). I have spent an enormous amount of time re-entering my prints, performing all kinds of "fixes" for this problem, and having Apple replace the phone itself. It's a little disappointing, since fingerprint id's was my justification for upgrading to an iPhone 6s. But I have essentially forgotten that the fingerprint option exists. But I see some good argument for entering a password in this article - so I'll pretend that's what I intended.

  2. dragonmouth
    May 29, 2019 at 10:52 pm

    A PIN can be readily changed, a fingerprint, or any other biometric, cannot.

  3. Manolo
    June 11, 2018 at 12:20 pm

    After four attempts with my finger my phone switches to PIN.
    So what's this discussion about?

  4. Dennis Ainsworth
    December 9, 2017 at 11:53 am

    I use fingerprint identification were I am allowed to, or a fifteen digit password using letters, numbers and obscure symbols when not. I also use two factor authentication and The Dashlane Password Manager, which enables me to remember one password only. For general security I use an anti-virus software togeter with a VPN, this may seem over the top to some people but I am confident as a result of these measures I am doing all I possibly can to stay secure

  5. Chris
    November 6, 2017 at 9:17 am

    Those who really really need to worry about the info stored on their phones should be presented with the option of classic, 2-factor authentication: using something you have and something you know. Something you have is the fingerprint, or retina scan or whatever other biometrics that get implemented. Something you know is obviously the pin or pattern. I'm not saying it should be mandatory, but it wouldn't be a big effort to implement considering both methods independently are already pretty mature technologies. Like that anyone can freely choose to die for their privacy and unless a villain can torture your pin or pattern out of you, chopping your finger off or cutting your eye out is just not gonna do it.

  6. Randy Brower
    May 17, 2016 at 3:13 am

    I have nothing I would care about if the police or FBI wanted me to unlock it, BUT,l I absolutely HATE these worthless bums everywhere that steal things and sell them for cheap just to get some fast and easy money. Much easier than actually doing something in their meaningless lives. So because of these lowlives, I have an APP named PREY. It will do the same erase in as many times you want to go before doing so, but what's really cool is it takes a picture of the person trying to break into it and sends it and the GPS coordinates to your EM address and records it on their DB so you can log into it and look as well. (I have a desktop for checking the website. This info can be used by yourself and/or cops, and you can go retrieve the phone and/or arrest the bum if it was stolen.

  7. Heather
    May 16, 2016 at 10:18 pm

    Great article. I appreciate the insight. Personally, I'll always use a PIN. Of course any method *could* be hacked - eventually. As a woman, I'm actually a little concerned with a 'strong arm' situation. iPhones are a huge theft item her in Los Angeles. If you're jogging, riding your bike, or simply going for a walk - women are being robbed and beaten. I can imagine some moron forcing me to put my finger on my phone to unlock it. Creeps seem to be making us think about these things…..normally, I would never even think about such negative things, but people have gone crazy.

    • Anonymous
      May 17, 2016 at 12:08 am

      The finger print is a replacement for the four digit pin. It's advantage is that it's easier to do so more people are likely to use it. BTW, wouldn't you comply with unlocking your phone if some thug was threatening you, regardless of locking method? That's preferable to being injured or killed.

      If you really want security you'd have to select a longer pin or mixed character password..

      • Dann Albright
        May 25, 2016 at 12:45 pm

        I_mckeon has a good point there; I can imagine that if you were in that kind of situation, having a PIN wouldn't help you a whole lot. That being said, because of the reasons laid out in the article about, you may want a PIN anyway!

  8. Mike Cornelison
    May 13, 2016 at 4:32 pm

    I have palmar hyperhidrosis, otherwise known as sweaty hands. Fingerprints are always a hit or miss proposition for me.

    • Dann Albright
      May 16, 2016 at 8:47 pm

      Yeah, I can see how that would cause a problem. There are probably a lot of people who can't use fingerprints consistently for various reasons; palmar hyperhidrosis, jobs where they get a lot of dust on their hands, people who need to wear gloves a lot . . . I'm sure there are others, too. And in those cases, going with a PIN is definitely a better option!