This is an old revision of the document!
Table of Contents
Passwords
Different password for every site and service
Different username for every site and service
Good passwords: XKCD
Managing passwords
Password managers: NCSC
Change your password if you think it is compromised
Advice used to be to change your passwords frequently. No longer considered good practice. Change frequently or not: ICO v NCSC
PINs on devices
Fingerprint / face recognition / biometric unlock
In some jurisdictions, it appears that one cannot be forced to disclose a password, but can be asked to place a finger on a device to unlock it. If in doubt, you might consider disabling fingerprint unlock for the duration of a trip into such a country.
Convenient, fast, and not something which can be detected by just looking over your shoulder as you enter it into the phone.
Swipe patterns
Even with the Android swipe pattern unlock mechanism, it is pretty easy to watch someone do a basic pattern once and replicate it โ so you need to go for something pretty complicated, coupled with shielding your phone when you enter your passcode.
Obviously defeated by security cameras nearby.