[Bucky4]

Is there any way to set it so your BB doesn't when going past the limit set. I can understand how it makes sense if you forget your password but what if you lost your phone and someone picked it up. They get a new BB if they try the password more than 10 times.

[CanuckBB]

So what would you have the BB do once you reached the max password attempt?

[the_sandman_454]

Is there any way to set it so your BB doesn't when going past the limit set. I can understand how it makes sense if you forget your password but what if you lost your phone and someone picked it up. They get a new BB if they try the password more than 10 times.

With unlimited tries, the person who picks it up can then proceed to brute force their way in via the password and now they've got your personal information as well as your device. That's the whole point of the limited number of attempts before it nukes itself, to prevent a brute force attack on the password working.

[TheScionicMan]

They've already got a new BB. It's a matter of whether they get your info or not.

[Nozzles Brewin]

No it's not possible, if they go past the max attempts then yes the phone will wipe and they'll have a new bb but they wont have all your info and at the end of the day that is what matters

[Laura Knotek]

Whether one is referring to a computer or a smartphone, the most important aspect is the user's data. The user's data is the most important part of security.

Hardware is cheap to replace, relatively speaking. Data breaches can be extremely costly.

[JRZLocal]

Yeah 10 tries and you HAVE to type blackberry. A better question would be if you're on the 9th attempt is there anyway to contact blackberry and have them reset or give you the password. If you have your contacts, calender etc backed up on an exchange server for work then no big deal i guess you could just resync to the computer, but for the avg. person losing ur contacts and info is much worse than losing the phone itself.

[Laura Knotek]

Yeah 10 tries and you HAVE to type blackberry. A better question would be if you're on the 9th attempt is there anyway to contact blackberry and have them reset or give you the password. If you have your contacts, calender etc backed up on an exchange server for work then no big deal i guess you could just resync to the computer, but for the avg. person losing ur contacts and info is much worse than losing the phone itself.

That would not work. How would the owner verify his identity if he contacted RIM? A thief could easily pose as the owner and get the owner's information.

[the_sandman_454]

Yeah 10 tries and you HAVE to type blackberry. A better question would be if you're on the 9th attempt is there anyway to contact blackberry and have them reset or give you the password. If you have your contacts, calender etc backed up on an exchange server for work then no big deal i guess you could just resync to the computer, but for the avg. person losing ur contacts and info is much worse than losing the phone itself.

Make frequent backups. You should anyway since if your device takes a bath, breaks, is lost or stolen regardless of your password/whether it will wipe itself or not, your contacts are gone with the phone.

[ippym]

I hate this feature. If you want to have it, fine, but I cannot BELIEVE there is no way to disable it.

If someone gets a hold of your blackberry (anyone who doesn't like you, etc) they can just maliciously wipe all of the data from your phone. Police could do it. Anyone.

THINK OF IT THIS WAY:

You buy a new house. Then the real estate agent tells you, "Oh, by the way, if anyone tries to pick the lock or forcibly enter into your home more than 10 TIMES, the entire contents of the house explode and are gone permanently" -- "WHAT??" you say, "I don't like that idea at all. Can't I just set it that they keep trying to break in forever? I don't want my furniture and filing cabinet to blow up. Those are very important to me." -- "NO," says the real estate agent, "that's a security feature that's in place whether you like it or not. Yes, it's your home, but WE determine what happens to YOUR contents, even if you vehemently object".

I'm sorry, but it's one of the STUPIDEST things RIM has done. I have written to them and complained to them about this for 2 years, and I even sat next to one of the testers for RIM on a flight, and he agreed that it is an incredibly asinine feature if it can't be disabled, yet every new Blackberry has this dumb, dumb, dumb feature that can't be disabled by THE OWNER OF THE PHONE, WHOSE CHOICE IT SHOULD BE WHETHER SOMEONE CAN DELETE THE ENTIRE CONTENTS OF THE PHONE JUST BY ENTERING THE PASSWORD WRONG TEN TIMES---HOW HARD IS THAT TO DO??

Imagine you video someone doing something, and the police/customs whatever confiscate your phone, even though they don't have access to your password, they can delete the contents of the phone and wipe it clean WITHOUT KNOWING YOUR PASSWORD.

This, along with the feature where you can accidentally pocket dial 911 in your pocket with that stupid "Emergency Call" feature (about 70% of Blackberry owners have had it happen to them---and NO, the keyboard locking function does NOT work reliably, because that unlock button gets pressed so easily in your pocket) are amongst a few of those persistent features that RIM NEVER GETS RID OF and show why they are too stodgy and stupid to ever LISTEN TO THEIR USERS and why they will never outperform in the mobile market.

(My final complaint -- why is the "$" sign assigned its own key on every Blackberry? Thank GOD I have single key access to that "$" sign that I NEVER type, but I have to press "Alt" to get access to the "." period or "," character that I use 1000 times a day.

And thus endeth the griping.

But, seriously, RIM, why? Why such incredibly incredibly DUMB features such as a feature that wipes your ENTIRE phone. Even if you do a back-up daily, if I lost that contact I entered 4 hours ago, I'd be so angry.

[the_sandman_454]

I hate this feature. If you want to have it, fine, but I cannot BELIEVE there is no way to disable it.

If someone gets a hold of your blackberry (anyone who doesn't like you, etc) they can just maliciously wipe all of the data from your phone. Police could do it. Anyone.

THINK OF IT THIS WAY:

You buy a new house. Then the real estate agent tells you, "Oh, by the way, if anyone tries to pick the lock or forcibly enter into your home more than 10 TIMES, the entire contents of the house explode and are gone permanently" -- "WHAT??" you say, "I don't like that idea at all. Can't I just set it that they keep trying to break in forever? I don't want my furniture and filing cabinet to blow up. Those are very important to me." -- "NO," says the real estate agent, "that's a security feature that's in place whether you like it or not. Yes, it's your home, but WE determine what happens to YOUR contents, even if you vehemently object".

I'm sorry, but it's one of the STUPIDEST things RIM has done. I have written to them and complained to them about this for 2 years, and I even sat next to one of the testers for RIM on a flight, and he agreed that it is an incredibly asinine feature if it can't be disabled, yet every new Blackberry has this dumb, dumb, dumb feature that can't be disabled by THE OWNER OF THE PHONE, WHOSE CHOICE IT SHOULD BE WHETHER SOMEONE CAN DELETE THE ENTIRE CONTENTS OF THE PHONE JUST BY ENTERING THE PASSWORD WRONG TEN TIMES---HOW HARD IS THAT TO DO??

Imagine you video someone doing something, and the police/customs whatever confiscate your phone, even though they don't have access to your password, they can delete the contents of the phone and wipe it clean WITHOUT KNOWING YOUR PASSWORD.

Ok. Someone steals your phone. They have your phone no matter what, whether they try the wrong password 10 times or they get unlimited tries to break in using what is known as a brute force attack. Just throw every possible combination of password imaginable (via a simple program) and bust their way in.

Would you rather the individual have access to your data or would you rather the device nuke itself?

It is the smartest way for RIM to have gone since they're security minded. This is one of the things they've done absolutely right.

In your police example they know better than wipe a blackberry with evidence on it inadvertently. More than likely they will work with you/have you transfer the evidence off the device to a computer anyway. I just can't picture that scenario going down that way.

This, along with the feature where you can accidentally pocket dial 911 in your pocket with that stupid "Emergency Call" feature (about 70% of Blackberry owners have had it happen to them---and NO, the keyboard locking function does NOT work reliably, because that unlock button gets pressed so easily in your pocket) are amongst a few of those persistent features that RIM NEVER GETS RID OF and show why they are too stodgy and stupid to ever LISTEN TO THEIR USERS and why they will never outperform in the mobile market.

That's an interesting figure you came up with for the number of users who have pocket dialed 911. I've never had it happen and I pocket carried 2 BB's over 2 years. I don't believe the number is anywhere near that.

(My final complaint -- why is the "$" sign assigned its own key on every Blackberry? Thank GOD I have single key access to that "$" sign that I NEVER type, but I have to press "Alt" to get access to the "." period or "," character that I use 1000 times a day.

And thus endeth the griping.

But, seriously, RIM, why? Why such incredibly incredibly DUMB features such as a feature that wipes your ENTIRE phone. Even if you do a back-up daily, if I lost that contact I entered 4 hours ago, I'd be so angry.

Just use the space bar twice to produce a ".".

For the contacts, I guess you should set your contacts up to sync to the cloud then, so it is always backed up.

[moiselles]

I keep all of my financial info on my phone plus my passwords, alarm codes, and vault combos for my work. They are all in PasswordKeeper which is password protected anyway (a different password than my BB password lock) and God forbid I lose my phone or if it is stolen... I'd prefer my phone be wiped if someone attempts to get into my phone. I have my Password Lock set to come on after 20 minutes as I often leave my phone on my desk while I'm doing other things around the office, I'd hate for one of my co-workers to get nosey or if a leave a client at my desk for them to get curious if I have to step away, even if its not malicious and just curiosoity, I feel better knowing there is a password on my phone, which is usually a deterent to anyone who would simply be curious.

And if you're so worried about wiping your phone if you forget your password, pick a password you can remember! Its not that hard...

Posted from my CrackBerry at wapforums.crackberry.com

[BoldtotheMax]

Some people whine about anything...

Me thinks it would be a good idea to password protect your phone and wipe it after so many failed attempts...so good job RIM for doing that.

I mean honestly, if you were sane, you do weekly backups of your info on your home/work computer, maybe more, maybe less..me I do it every couple days.

So if you have a "meathead" friend decide to just wipe your phone, then it isn't that hard to restore your info back onto your device. Inconvenient? Yes, of course...but much better than having someone have your info...

Maybe some people can care less about that? Seems so...

Posted from my CrackBerry at wapforums.crackberry.com

[the_sandman_454]

If you're willing to allow unlimited password tries, just don't use password protection at all. Either way it has the same end result if someone gets a hold of your device. Either way people can (easily) get in and take/exploit your info.

[TheScionicMan]

That would be DUMB to only have your info in your phone. If you aren't syncing the info, then why have a smartphone?

[BergerKing]

Seems to me that anyone smart enough to activate the password lock would at least have enough active brain cells to remember their password. If you cannot remember the device password, 1. Reduce your party time. 2. Get less malicious friends. 3. Don't use the password lock. 4. Acquire a Jitterbug. They have one button to push that connects you to a service rep that will dial your # for you.

Posted from my CrackBerry at wapforums.crackberry.com

[ippym]

Look, all of this discussion, whether it's useful to have the feature or not, comes down to this:

Yes, sure, maybe it's an *amazing* feature that you love, OR maybe it's a supremely horrible feature that in YOUR particular situation is a really bad feature that you don't want.

REGARDLESS of what you feel about the wrong-password-data-wipe feature, **as the owner of the phone, it should be your choice whether or not a series of incorrect password attempts wipes the data on your phone.** It should be something that, as the owner of YOUR phone, YOU can set, YOU can choose.

Maybe you are in a position where you can't back up your phone every day. Maybe you put so much information in your phone every day (like me) that even one day's worth of info is extremely valuable before it gets backed up. Maybe you keep your phone in a place where (like a high school etc.) malicious or joking people can grab it for a couple of minutes and manage to wipe the data by entering the password incorrectly ten times.

It doesn't matter -- it should be a feature that you have the OPTION to DISABLE. And that is the ultimate point.

(Just like the feature where you can dial 911 from a locked phone as easily as you can by pocket dialling should be something you can CHOOSE to enable. You should at least have to physically dial "9-1-1" or type something specific in order to dial 911 in that situation --- oh, and for the people who say that's never happened to them, look up blackberry emergency call or blackberry 911 in google and see how many thousands of people are furious that accidental 911 calling keeps happening to them. )

[And by the way, brute-force password cracking attempts take weeks to do on a phone, if not months, with most cracking software. If someone wants your data from your phone THAT badly, they're just going to steal your data some other way, or steal your phone right after you've entered the password. If your data is THAT valuable, you must be pretty someone pretty impressive for others to go the effort of brute-force attacking your phone for that long.]

This entire thread would be over and done with if these were all OPTIONS you could ENABLE or DISABLE or if you could manage them better.

[BergerKing]

You can choose to use the Password Lock, or choose not. But, BY LAW, ANY cellular handset must be capable of making 911 calls, whether locked or even without a service plan. Period. You do not get the option to disable it. If you have a problem with that, gripe to the government, I'm sure they're willing to listen.

Posted from my CrackBerry at wapforums.crackberry.com

[dralarms]

Wow, so if I lock my phone, forget my password, and enter the wrong one 10 times my phone does a complete wipe back to factory and gives me a "new phone"?

Not sure on my feelings for or against this but I'm glad to know it. I'll keep it backed up more often now.

How do you dial 911 without dialing 911?

[hootyhoo]

Look, all of this discussion, whether it's useful to have the feature or not, comes down to this:

Yes, sure, maybe it's an *amazing* feature that you love, OR maybe it's a supremely horrible feature that in YOUR particular situation is a really bad feature that you don't want.

REGARDLESS of what you feel about the wrong-password-data-wipe feature, **as the owner of the phone, it should be your choice whether or not a series of incorrect password attempts wipes the data on your phone.** It should be something that, as the owner of YOUR phone, YOU can set, YOU can choose.

Maybe you are in a position where you can't back up your phone every day. Maybe you put so much information in your phone every day (like me) that even one day's worth of info is extremely valuable before it gets backed up. Maybe you keep your phone in a place where (like a high school etc.) malicious or joking people can grab it for a couple of minutes and manage to wipe the data by entering the password incorrectly ten times.

It doesn't matter -- it should be a feature that you have the OPTION to DISABLE. And that is the ultimate point.

(Just like the feature where you can dial 911 from a locked phone as easily as you can by pocket dialling should be something you can CHOOSE to enable. You should at least have to physically dial "9-1-1" or type something specific in order to dial 911 in that situation --- oh, and for the people who say that's never happened to them, look up blackberry emergency call or blackberry 911 in google and see how many thousands of people are furious that accidental 911 calling keeps happening to them. )

[And by the way, brute-force password cracking attempts take weeks to do on a phone, if not months, with most cracking software. If someone wants your data from your phone THAT badly, they're just going to steal your data some other way, or steal your phone right after you've entered the password. If your data is THAT valuable, you must be pretty someone pretty impressive for others to go the effort of brute-force attacking your phone for that long.]

This entire thread would be over and done with if these were all OPTIONS you could ENABLE or DISABLE or if you could manage them better.

Ok. You like to use hypotheticals. How bout this. A lot of BB users maybe employees of a military contractor for uncle Sam. There may be sensitive data on their phone. This data might be more important than data entered say, at high school. If the option to increase the password limit was available, I'm sure some knuckle head would use it and, being a knuckle head, might lose their phone. Uh oh.

Posted from my CrackBerry at wapforums.crackberry.com

[greeneink]

REGARDLESS of what you feel about the wrong-password-data-wipe feature, **as the owner of the phone, it should be your choice whether or not a series of incorrect password attempts wipes the data on your phone.** It should be something that, as the owner of YOUR phone, YOU can set, YOU can choose.


Blackberries are about security 1st, media apps 4th. This is one of the main reasons BB users are so loyal to the product. I chose BB's for this reason. There are many things I would change or wish they were a little better on my 9650, security is not one of them. BLACKBERRY is hands down the LEADER i n this area.
If security is not as important to you maybe you should look elsewhere. I'm sure apple or google has a phone for you.

[hootyhoo]

*Bank employee. "Um boss, I just lost my BB"
*Bank CEO. "that's ok. We'll get you another one. Nobody can get to the account numbers I sent you earlier. BB has the best security"
*Bank employee. "Um boss. I disabled it because I thought it was a pain".
Uh oh.

Posted from my CrackBerry at wapforums.crackberry.com

[TheScionicMan]

*Bank employee. "Um boss, I just lost my BB"
*Bank CEO. "that's ok. We'll get you another one. Nobody can get to the account numbers I sent you earlier. BB has the best security"
*Bank employee. "Um boss. I disabled it because I thought it was a pain".
Uh oh.

*Bank CEO: No worries, You may think you disabled it, but the IT Policy on the BES put it back on or blocked you from changing it in the first place. Besides, we'll just remotely wipe it and get confirmation.
*Bank Employee. "Um Boss, I'm part of the iPhone/Android test group and I rooted/jailbroke my phone...
*Bank CEO. Uh Oh...

[oldtimeBBaddict]

Is there any way to set it so your BB doesn't when going past the limit set. I can understand how it makes sense if you forget your password but what if you lost your phone and someone picked it up. They get a new BB if they try the password more than 10 times.

While I dont agree with the OP's assessment of the usefulness of the "self-destruct" feature, I absolutely agree the the owner of a BB for personal use should be free to disable the feature. I also feel that they should be able to wipe (not just hide) the demo apps that come with a new one out of the box.

Of course, as noted previously, if you don't set the password protection, then it's a moot point anyway.

[TheScionicMan]

You CAN disable the feature. Don't password protect it. Do you want protection or not?