
I don’t buy it. Complex, random passwords are great against brute force attacks but that’s not usually how these things play out.

Many password breaches are caused by technical lapses on the part of a platform, where password complexity often becomes irrelevant. Your password gets hoovered up along with everyone else’s and eventually gets decrypted, and tried en masse against other platforms. In this scenario, even a simple pattern for passwords is probably enough to prevent the problem from spreading, as long as it’s not too obvious.

The other way passwords often get compromised is from someone looking over your shoulder or key logging, infrared on PIN pads, etc. In this scenario, your system is WAY, WAY worse, since one password unlocks the kingdom, and that password is frequently being used.

As it stands, if someone peeks over my shoulder and discovers my phone password, then steals my phone, it’s damaging but not game over. They can’t access any websites.

If I allow my phone password to be the only gatekeeper to access everything, IMO that’s lousy security.


