1. anon(8679041)'s Avatar
    Since Blackberry is security there can't be too much security, especially when it's backed up by a few reasons.

    My suggestion: To add another security layer when authenticating.

    More exactly, to be able to setup up to two authentication methods at the same time in a custom order.

    It could be like picture password and then the fingerprint or vice-versa or password and fingerprint or pattern, just any.

    When you're at home you turn off this double security feature and when sleeping somewhere else you turn it on, as an example.

    It could turn out being super handy in some cases. And if they'll even create a custom keyboard shortcut for quickly switching from single to double authentication mode, this would be amazing!
    08-09-17 10:39 AM
  2. Dunt Dunt Dunt's Avatar
    Optionally would be fine, something enterprise could force via policies.....

    Why stop at two?
    08-09-17 11:03 AM
  3. thurask's Avatar
    When you're at home you turn off this double security feature and when sleeping somewhere else you turn it on, as an example.
    You can already manage security requirements via Smart Lock.

    And if they'll even create a custom keyboard shortcut for quickly switching from single to double authentication mode, this would be amazing!
    Wouldn't that defeat the purpose of having two systems if you could just switch to the weaker one at will?
    08-09-17 12:11 PM
  4. anon(8679041)'s Avatar
    Wouldn't that defeat the purpose of having two systems if you could just switch to the weaker one at will?
    Switching will require authentication.
    08-09-17 12:47 PM
  5. modifier's Avatar
    More exactly, to be able to setup up to two authentication methods at the same time in a custom order.

    It could be like picture password and then the fingerprint or vice-versa or password and fingerprint or pattern, just any.
    Anytime my KEYone was locked, it required both a fingerprint and PIN. It was managed via MDM. Both were always required since a fingerprint proved the phone was in local possession and the PIN meant the user (ie: yours truly) was willing to unlock the device. Fingerprint by itself wasn't allowed as an unlock, only as a screen wake if the device hadn't passed the 30-minute timeout.

    If the KEYone doesn't work this way normally then what you need is an MDM service. The provisions in Android are already there regardless of it being a BlackBerry device.

    I never tried Smart Lock since it didn't meet security requirements. If you're that concerned about security, changing your methods at home seems counterintuitive.
    08-09-17 01:01 PM
  6. anon(8679041)'s Avatar
    If you're that concerned about security, changing your methods at home seems counterintuitive.
    Why counterintuitive?
    08-13-17 08:00 AM
  7. thurask's Avatar
    Why counterintuitive?
    Why go to the trouble of setting up elaborate methods and then disable them for the better part of a day?
    modifier likes this.
    08-13-17 08:06 AM
  8. modifier's Avatar
    Why counterintuitive?
    Your opening statement was that "there can't be too much security" and that you wanted "another layer of security when authenticating." Lowering your security at home assumes that your phone will always be in your conscious possession at home. If you use proximity, GPS or NFC to automatically remove a security layer at home then anyone can simply move your phone into that area to remove part of your security. To me that's counterintuitive.

    Why go to the trouble of setting up elaborate methods and then disable them for the better part of a day?
    Exactly.
    Last edited by modifier; 08-13-17 at 08:37 AM.
    08-13-17 08:10 AM
  9. anon(8679041)'s Avatar
    Why go to the trouble of setting up elaborate methods and then disable them for the better part of a day?
    Your opening statement was that "there can't be too much security" and that you wanted "another layer of security when authenticating." Lowering your security at home assumes that your phone will always be in your conscious possession at home. If you use proximity, GPS or NFC to automatically remove a security layer at home then anyone can simply move your phone into that area to remove part of your security. To me that's counterintuitive.
    I wasn't taking about any automation involved in the process, everything will be done manually.

    Let's try a more detailed example, just to be clearer.
    You're at home, alone and since you're frequently using your phone you decide to have 1 layer of security: fingerprint.
    You know that tomorrow you'll go camping and decide to add another security layer, just in case. So you go to settings, "Add security layer" -> click the "plus icon" -> Choose from the drop-down menu a security measure you want to add (say "Picture Password"). You set it up (if using it for the first time ever) or authenticate for this authentication method, by matching the number with the spot. Next you chose the order in which you'll be required to authenticate: fingerprint first, picture password second. Then you click "Done".
    And from now on, every time you'll want to access your phone, you'll be required to authenticate in the following order: fingerprint and then the picture password.

    When you're done camping, you decide to switch to the fingerprint mode only, because you're the "forever alone" kind of person, what the heck. You go to settings, click "Edit authentication method", you uncheck the "Picture Password" security layer from the list. While doing so, you're required to authenticate for this exact authentication method ("Picture Password") by matching the number with the spot. If you do that, you'll get notified that you've successfully unchecked that security layer ("Picture Password"), and that from now on, you'll need only your fingerprint for device authentication.

    And this isn't too much, if BB is hitting the Security niche, this is a must. How many times you've participated or heard discussions about "well, someone could just use your finger to unlock your device while you're sleeping" and everyone would be like "yeah", "yes", "unfortunately"... well guess what, if that'll be implemented, and the next time you'll hear such conversations, you'll have something to say.
    We must differentiate, otherwise we're like everyone, security wise.
    09-14-17 08:29 AM
  10. modifier's Avatar
    And this isn't too much, if BB is hitting the Security niche, this is a must.
    Not everyone has the same "must" though. What is a must to you, must not be a must to BlackBerry seeing that most MDMs only require a PIN or password for unlock. Fingerprint is and always will be a convenience device. It's not secure by security standards.

    Your ideas are valid here. The challenge is that so few would use it that it likely wouldn't get developed. Perhaps you can seek someone to write a third-party app to add such a feature.

    I understand not wanting an automated solution but perhaps something like IFTTT can be set up in such a way to enable or disable PIN/password when you're at home and rely solely on the FPR. Although, I don't believe the FPR can be used without setting a PIN or password. So, I'm honestly not even sure what you want can be done to that exact level of detail.
    09-14-17 02:31 PM
  11. anon(8679041)'s Avatar
    Your ideas are valid here. The challenge is that so few would use it that it likely wouldn't get developed.
    Not few seem to care about the subject (i.e. "the risk of someone unlocking your phone while you're asleep"). And BlackBerry could use that for advertising. Just like they did that with the Privacy Shade. They were like, "people, you had this problem, now you don't".
    This is exactly the same thing. Sure a third-party app could do that, but it won't be the same. It has to be a BlackBerry feature.
    I see potential, and I think it'd be right for them to create this feature, and this mostly sums up the whole idea of this thread.
    09-14-17 05:35 PM
  12. modifier's Avatar
    Not few seem to care about the subject (i.e. "the risk of someone unlocking your phone while you're asleep"). And BlackBerry could use that for advertising. Just like they did that with the Privacy Shade. They were like, "people, you had this problem, now you don't".
    This is exactly the same thing. Sure a third-party app could do that, but it won't be the same. It has to be a BlackBerry feature.
    I see potential, and I think it'd be right for them to create this feature, and this mostly sums up the whole idea of this thread.
    That's certainly a concern with using fingerprint as the only means of unlocking. Your post above suggests that users will want to use FPR only when at home, but then you provided an example of why that's a bad idea. I'm admittedly confused about what you want. But, that's not to say your original idea is bad, it's just unknown how much traction it would have in the business world. I'm not sure which demographic TCL/BB are going for most so I can't agree or disagree that this would go anywhere.

    In my world where everything is managed via MDM and policies are set on how devices are secured, I know that FPR only is never an option no matter the location or how "alone" one might be at a given time. That assumption is never made — and that's not meant in a bad way.
    09-14-17 05:59 PM

Similar Threads

  1. August Security Release
    By tthieman in forum BlackBerry Android OS
    Replies: 20
    Last Post: 08-09-17, 01:29 PM
  2. BlackBerry Turn Off Suggestions BB Hub
    By cscott44 in forum Ask a Question
    Replies: 1
    Last Post: 08-09-17, 11:56 AM
  3. how do I turn suggestions off
    By cscott44 in forum BlackBerry Priv
    Replies: 1
    Last Post: 08-09-17, 10:51 AM
  4. Replies: 2
    Last Post: 08-09-17, 07:44 AM
  5. Issues with blackberry passport.
    By saurav tomar in forum BlackBerry Passport
    Replies: 1
    Last Post: 08-09-17, 06:57 AM
LINK TO POST COPIED TO CLIPBOARD