Anyone who can access your already logged-in computer or mobile device can do whatever you can do on your system without having to learn your account's password or PIN.
Relying on your computer's timeout-based locking function, i.e., screensavers that lock the computer after a predefined period of inactivity, gives an intruder too much time for mischief. If your system is set to lock after fifteen minutes of inactivity, all that someone who wants to hijack your system needs to do to buy some more time is to bump the mouse before the fifteen minutes have passed. That will give him or her an additional fifteen minutes during which your computer is accessible without a password. This process can be repeated indefinitely until there are no other bystanders by your desk to question the intruder's presence.
Keeping unattended computers, tablets and smartphones safe
Often, computers, tablets and smartphones are set up to automatically log into e-mail and other applications. In the case of smartphones, it is very common for individuals not to protect them with at least a password or a PIN. If the smartphone configured without a password or PIN is misplaced or stolen, the person gaining possession could immediately read your e-mail, generate e-mail in your name and access any data your device is configured to automatically access. We strongly recommend that you:
- Manually lock your computer, tablet, smartphone or other devices when they are not in use to prevent anyone who gains access to the device from using your logged in session
- Avoid setting your computer, tablet, smartphone or other device to automatically log into e-mail and other applications that may hold sensitive information