Ten Reasons to Lock Your Desktop

vanmeeuwen's picture

You turn your attention away from your computer - you should lock your desktop. It is not just about level of trust you put in the people that you think may indeed gain physical access to your system. If like myself, you run a home office, physical access to your system is pretty restricted. If though, again like myself, you travel frequently and attend events, you better get used to locking your desktop as soon as your attention diverts away from the screen. Here's 10 reasons;

  1. Privacy
    Your desktop is your own, and what you choose to do on your computer is nobody's business. An open chat-window with a (girl)friend may hold contents that could make the people dearest to you believe something seems what it is not - I reckon all of us sometimes say things in the privacy of a conversation with someone (we think) we know. You rarely know who's scraping your screen and what they may think of it, though.

  2. Oops!
    Sometimes screens dim or power off and sometimes people use a key like space or enter to wake up the computer. Sometimes these buttons trigger an action such as submitting a form, or execute a command. Using the delete button to "wake up a computer" of course isn't any better.
    FWIW, I use the left-hand shift key, as it is the furthest away from any key that does anything significant.
  3. Confidential Communications and Documents
    If you work for a company, sometimes somebody sends you information that is supposed to be for your eyes only. If the world knew you to not lock your desktop, how could they trust you with information that is supposed to not leak out?
    Furthermore, communications and documents may be subject to a non-disclosure agreement, either directly with you or with your employer. Whom you trust doesn't matter when it's about who's subject to an NDA, you know.
  4. "Switch User", not "Log Out, Log In"
    Your favorite desktop's unlocking dialog likely offers a user that needs the computer the capability to log in as a different user, maintaining your session, whereas it is common for somebody else to just use your open browser window to check his/her email / Facebook / Google+ / Twitter a little - using sites you may be automatically logged on to when using your user account.
  5. Your Cat / Dog / Hamster
    If you have a pet, surely you've noticed how they are kee to walk over your desk possibly accidentally hitting any of those key you have managed to avoid using to wake up your computer...
  6. su access es mi access
    With an unlocked desktop, you are surrendering the access to your files - whether they be personal, private, confidential or public. Litterally anyone gaining physical access can modify, remove or share data from your desktop.
    Furthermore, if you're anything like me, you probably have access to other systems. This may be through a certificate or two, a VPN connection, or an SSH key. You may also have a PGP key to sign and encrypt email with. Let's be honest, most people run agents or have no passphrase on these things at all. Go figure.
  7. Unsaved Work
    I'm fairly certain you do some things on your desktop that are of some significance to someone, especially while you perform tasks for work. Somebody else closing off an application you have running does not necessarily mean they save changes to documents, or save them to a location where you can find that version.
    Frankly, though, if you manage to save all your changes constantly, perhaps using the Ctrl+S keyboard shortcut, I fail to recognize how you manage to do so but fail to press Ctrl+Alt+L (or Super+L if you will) when you step away.
  8. Practical "Jokes"
    There are screensavers that just never go away. There's applications that will force you to admit something rather embarrasing as well. Whether you trust other people (that you shouldn't trust) with confidential information, do you trust them to not pull a practical joke on you as well?
  9. Keyloggers and other hackydihack
    Once you've left your desktop unattended, and unlocked, how do you make sure that your desktop is secure from that point on forward? We know of keyloggers, and we know of programmable USB sticks that can present themselves as a HID keyboard and start typing as soon as they are plugged in. Admittedly, probably only a geeky forensic scientist can figure out what happened afterwards.
  10. You Owe $x a Beer
    My personal favorite is using some mailing list I know you are subscribed to (and I am too), to send on your behalf - using your account, an invitation for beers on your dime. Naturally I disclose the fact you are buying beers because you have not locked your desktop.
    FWIW, most of the time I don't really have to have access to your unlocked desktop in order to be able to do this kind of thing using your account, since it's pretty likely lists you and I are both subscribed to (that are actually eligible for this, i.e. nothing like full-disclosure), run on servers I manage.