[King Dack]

I expect there will be a few folks on here who will want to pass up the BB branded android phones now that we can install the hub on whatever we like. I am interested in what security measures people will put in place if they choose to skip the DTEK package.

I am not a massive security freak but i have all of Google's 'improve this app by sending us data' options switched off / opted out. Malwarebytes app, Last Pass and sometimes a VPN. A swype pattern lock . I was thinking about encrypting the whole device but have read that Marshmallow is encrypted by default.

Share your setups and suggestions!

Posted via the CrackBerry App for Android

[thurask]

Yeah, device encryption is always on with BB Android.

Anyway, this is more indirect security, but I've started setting up 2FA for things.

[King Dack]

Talking of 2FA , i use the Microsoft verification app to secure Outlook account. It works great. I also tried HSBC bank version which confusingly replaced the hardware key they send you. It's so secure i seem to have lost access to my account altogether!

Posted via the CrackBerry App for Android

[cgk]

Device encryption, 2fA and the apps are a small basket of apps from large companies. There is no reason I'd buy. Detek for some theoretical protection (and actually a few people say that how bbry is implementing randomness is a problem looking for a solution) is a waste of money for any cautionary user.

[filanto]

I'm using Meraki MDM with android for work and Knox. Everything is encrypted on my phone and I'm thinking of using a better vpn than opera max, not really a security vpn

Posted via the CrackBerry App for Android

[sidtek50]

Lastpass, hotspot shield (vpn), signal (open source messaging app). I'm using 2FA almost everywhere (authy). Obviously my phone is fully encrypted being a DTEK50. As long as BlackBerry keep on top of patches, I should be good to go.

Edit: forgot to mention that I use adaptive storage and a sim card pin

[ajwan]

Software security means nothing if you have sensitive info on the sdxc card and haven't formatted the card as Adoptive Storage (which encrypts the card).

Posted via the CrackBerry App for Android

[filanto]

Software security means nothing if you have sensitive info on the sdxc card and haven't formatted the card as Adoptive Storage (which encrypts the card).

Posted via the CrackBerry App for Android

My S7 has the option to encrypted the media card even without the adoptive storage

Posted via the CrackBerry App for Android

[Ethynil]

I've started setting up 2FA for things.

I was not familiar with 2FA until reading this thread. I've checked their website and see it would be a feature i would like to use.

Does that mean every time I need to access a particular site or service, I need to receive a passcode on another device?

Is it sent as an email, text?

Do you enable 2FA for every possible service / site that makes it available or do you pick and choose based on security priorities?

[sidtek50]

I was not familiar with 2FA until reading this thread. I've checked their website and see it would be a feature i would like to use.

Does that mean every time I need to access a particular site or service, I need to receive a passcode on another device?

Is it sent as an email, text?

Do you enable 2FA for every possible service / site that makes it available or do you pick and choose based on security priorities?

SMS could be intercepted so you could use authy or Google authenticator instead. That produces a random number that changes every x amount of seconds. It's a very secure way of authenticating.

[badelhas]

I didnt know Google Authenticator could be used for more than entering google services, like Gmail and such. SMS?

[JussSimma]

SMS could be intercepted so you could use authy or Google authenticator instead. That produces a random number that changes every x amount of seconds. It's a very secure way of authenticating.

Authy i recommend over google authentication because of the pain you go through if you lose your phone.
I use 2 step for everything..

Posted via the CrackBerry App for Android

[badelhas]

Authy i recommend over google authentication because of the pain you go through if you lose your phone.
I use 2 step for everything..

Posted via the CrackBerry App for Android

There's always alternative ways of entering Google, especially if you have a second email associated

[powereds]

I didnt know Google Authenticator could be used for more than entering google services, like Gmail and such. SMS?

I use it on Facebook.

Posted via the CrackBerry App for Android

[oldsoul123]

I think the best option that comes with BlackBerry android devices, is the picture password function. This, coupled with a solid alphanumeric password, makes the device virtually impossible to break into, if you don't know the picture password sequence, or the password. Also now with the new MM update making it so that you have to enter the password before the phone will even boot up if it's been restarted, makes it even more locked up tight.

Posted from my BlackBerry Priv on Rogers Network.

[badelhas]

I think the best option that comes with BlackBerry android devices, is the picture password function. This, coupled with a solid alphanumeric password, makes the device virtually impossible to break into, if you don't know the picture password sequence, or the password. Also now with the new MM update making it so that you have to enter the password before the phone will even boot up if it's been restarted, makes it even more locked up tight.

Posted from my BlackBerry Priv on Rogers Network.

I never read about that, do you care to explain please?

Cheers

[raydogsboarder]

I think the best option that comes with BlackBerry android devices, is the picture password function. This, coupled with a solid alphanumeric password, makes the device virtually impossible to break into, if you don't know the picture password sequence, or the password. Also now with the new MM update making it so that you have to enter the password before the phone will even boot up if it's been restarted, makes it even more locked up tight.

Posted from my BlackBerry Priv on Rogers Network.

Too tight. Got my phone stolen and couldn't track it cause they shut it off and probably never got it back on. It might have been a different story if I just had the password protection on.

Using my Verizon BlackBerry Z30

[raydogsboarder]

There's always alternative ways of entering Google, especially if you have a second email associated

Yea that was about as helpful as a tumor. My phone was stolen and I immediately tried to login to my Google account and it wanted to try to confirm me since my login was unusual, from three different ways that required my phone, but also the secondary email I set up. Guess what... that one said I was logging in from a questionable source too and flagged me but at least has reasonable verification steps to validate me. Once in I got the code Google sent me to verify and I entered it into the box and Google of course "did not recognize the code" and completely locked me out. Spent the next 24hrs trying to get into my account... by then they had shut the phone off and it never came back on. If it had worked I would have done all that in the first 15 minutes giving me another 35 minutes to track the phone before it was shut off.

Using my Verizon BlackBerry Z30

[badelhas]

Yea that was about as helpful as a tumor. My phone was stolen and I immediately tried to login to my Google account and it wanted to try to confirm me since my login was unusual, from three different ways that required my phone, but also the secondary email I set up. Guess what... that one said I was logging in from a questionable source too and flagged me but at least has reasonable verification steps to validate me. Once in I got the code Google sent me to verify and I entered it into the box and Google of course "did not recognize the code" and completely locked me out. Spent the next 24hrs trying to get into my account... by then they had shut the phone off and it never came back on. If it had worked I would have done all that in the first 15 minutes giving me another 35 minutes to track the phone before it was shut off.

Using my Verizon BlackBerry Z30

Good for you.

[oldsoul123]

I never read about that, do you care to explain please?

Cheers

I don't know if it's available to all Android devices, but it's virtually an unhackable unlocking app.

Posted from my BlackBerry Priv on Rogers Network.

[oldsoul123]

Too tight. Got my phone stolen and couldn't track it cause they shut it off and probably never got it back on. It might have been a different story if I just had the password protection on.

Using my Verizon BlackBerry Z30

Well at least there's no getting personal information off of my phone. Phones are replaceable. Not having personal information in the wrong hands is priceless.

Posted from my BlackBerry Priv on Rogers Network.

[filanto]

I don't know if it's available to all Android devices, but it's virtually an unhackable unlocking app.

Posted from my BlackBerry Priv on Rogers Network.

The one feature I really miss from BB10

[darkehawke]

Honestly? Common Sense.

Dont download apk's I cant verify.
Dont click on sites I dont trust.

Simple

[filanto]

Honestly? Common Sense.

Dont download apk's I cant verify.
Dont click on sites I dont trust.

Simple

And don't look at dirty websites