Perimeter Security: Securing Access to the Device

So far in this chapter, we've discussed applications of encryption, including how to authenticate a user name and password to protect access to your application and how to encrypt data in databases and files. We have also discussed input validation. If you, the developer, have done your job properly, it really doesn't matter if the device is lost or stolen, does it?

Because there's no such thing as perfect security, you must use defense in depth: Put many obstacles in front of your attackers. If your devices run Windows Mobile, the first thing you should do is use the built-in power-on password. This feature is disabled by default, and when activated you can choose between a simple four-digit personal ...

Get Microsoft® Mobile Development Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.