The value of a strong password to protect your stuff is as high as ever
There's been a bit of a hubbub around the web about the "hack" of the Samsung Galaxy S5 Finger Scanner, and how "easy" it was.
First things first, it wasn't easy. If you're stealing a phone with the necessary equipment to also lift and reproduce someones fingerprint, then OK. You're also probably a more intense criminal than someone who randomly snatches peoples' phones.
It isn't a "hack" really, either. It's a "spoof," just as it was on the iPhone 5s. In fact, it's the exact same method that Apple's Touch ID was fooled by. So it's not so much an issue specifically with the Galaxy S5, more a flaw of fingerprint scanners in general. But that doesn't make for sensationalist headlines. So, just like the iPhone 5s and Touch ID before it, the Galaxy S5 falls into the spotlight.
And once more it highlights something we should already be aware of: use strong passwords on all of your private stuff.
The 'easy hack' and PayPal
To the right person, sure, it's easy. But if I stole your fingerprint protected Galaxy S5 out of your hand, I don't think I'll be doing this. But there's also been some sensationalizing on exactly what happens if you keep trying to scan the fingerprint in the PayPal app. Yes, you get more than one attempt at scanning the fingerprint — you get five, to be precise. If, like in the video above, you have a working copy of the fingerprint then you'll absolutely be able to get into someones PayPal account. That's not a by-product of having fooled the Finger Scanner. That's a by-product of having the right fingerprint.
After five attempts if PayPal hasn't authenticated you're given a message that states "Unable to recognize fingerprint. Please swipe again." Perhaps at this point you should require your password instead of continually swiping. But, if as in the video above you've created a working spoof of the right fingerprint, it doesn't matter how many swipe attempts you're allowed, you'll be able to get in. If PayPal locked you out completely after the first bad scan it wouldn't be a particularly user friendly experience, would it?
It's an issue, yes. But it's also an issue that isn't isolated to Samsung, or to the Galaxy S5.
No replacement for strong passwords
Just the same as with Touch ID, the Finger Scanner on the Galaxy S5 should be viewed as an assistant to your device security, adding convenience. It absolutely shouldn't be a replacement for a strong password, PIN code or screen lock pattern, which are still the best ways to secure your accounts and devices. And definitely use two-step authentication wherever you can.
Fingerprint scanning is extremely convenient, especially when it works well. For unlocking your phone, it's probably OK. And while it's pretty awesome that you can hook your PayPal account up with it, if you feel even remotely nervous about it, don't do it.
And if you need any help generating and managing strong passwords, there are a ton of options out there. LastPass, mSecure and 1Password are just a few of the options out there for various platforms that can help you generate some complex and unique passwords for your accounts.
The bottom line
Fingerprints can be spoofed – this isn't new – and this method of spoofing was highlighted back when the iPhone 5s launched. And our advice remains the same: if any of this makes you feel at all uneasy, don't use it. Stick to strong passwords. Nobody's forcing you to use the fingerprint scanner.
If you happen to know a thing or two about biometrics and security and have anything to share, please do drop it into the comments below.

Review: Caseology’s Nano Pop is the best slim but sturdy Galaxy S21 case
There’s a mountain of Galaxy S21 cases out there for you to choose from, but Caseology finally brought over one of its iPhone-only series and it is 100% worth your attention and money. Make the S21 pop with bold colors and soft but secure grip.

How Google could improve Android apps for everyone, according to devs
When Android 12 finally arrives this fall, we want our favorite apps to be ready for it. There are a few ways Google could help make that happen.

Google Pixel 4a review, 6 months later: Still the best camera under $400
It turns out Google's "less is more" approach really fits well within the constraints of a less-expensive phone, and its strengths in software and camera processing stand out against less-refined competition. The Pixel 4a picks up right where the 3a left off, with better specs, the same great camera, and a $50 lower price.

These are the best Samsung Galaxy S21 cases you can buy
If you're lucky enough to secure a new Samsung Galaxy S21 smartphone, then you probably want to make sure it's as protected as can be. Here are some of the best Samsung Galaxy S21 cases that we've found — and most are super-affordable!