I get asked all the time which phone lock is the “safest”: Face ID, fingerprint, or a plain passcode. As a journalist who’s spent years writing about tech and security, I don’t like simplistic answers — each method has trade-offs between security, convenience, and legal context. Below I walk through how each one works, where they fail, and how I choose to protect my own devices and sources.
How these systems actually protect your data
Before picking a winner, it helps to understand what each method is doing. The phone isn’t matching a full photo or raw fingerprint image against a stored image. Modern devices convert biometric input into a mathematical “template” and compare that template locally, inside a secure part of the phone’s hardware (Apple’s Secure Enclave, Android’s Trusted Execution Environment, or a dedicated security chip). Passcodes or PINs are usually hashed and stored similarly, and they can also serve as an input to the key that unlocks disk encryption.
So security depends on three things: how unique and hard-to-spoof the credential is (biometric or numeric), how securely that credential is stored and checked, and what fallback methods the phone allows.
Face ID (and other face unlock systems)
Apple’s Face ID is the high-profile example here: it uses infrared dots, depth mapping, and neural-network matching. That mixture gives it strong liveness detection and low false-accept rates for strangers. Many Android face-unlock implementations, however, are simpler and only use a 2D camera — much easier to spoof with a photo or mask.
What I like about Face ID:
Strong anti-spoofing: depth sensing and infrared reduce the risk of being fooled by photos or videos.
Secure local storage: templates stay on the device’s secure enclave.
Convenience: it’s fast and often seamless, which means people actually use it.
Where it can fail:
Twin or very similar faces can occasionally unlock—rare but documented.
Legal and coercion concerns: in some jurisdictions, authorities or others could force you to unlock with your face.
Masking limitations: during the pandemic, many face systems struggled until manufacturers added mask-aware workflows or required a passcode after a few failed attempts.
Fingerprint sensors
Fingerprint sensors (capacitive pads, optical in-display sensors) remain a common and often very reliable method. They generally offer a lower false-accept rate than simple face unlock systems, and physical spoofing is harder than presenting a photo — but not impossible if someone goes to the trouble of creating a replica fingerprint.
Strengths:
High convenience: quick and works in many lighting conditions.
Good security in modern phones: fingerprints are stored in secure hardware and never leave the device.
Less likely to be accidentally triggered: you need to touch the exact spot.
Weaknesses:
High-effort spoofing is possible: molds and lifted prints have fooled some systems in labs.
Physical factors: cuts, moisture, or dirty sensors can cause failures.
Coercion issues are similar to face unlock: someone could force your finger to the sensor, and legal protections vary.
Passcode / PIN
A strong passcode (or better yet, an alphanumeric password) is the baseline. It’s the fallback for most biometrics and, importantly, it’s the secret that courts often treat differently from biometrics.
Why I still trust a good passcode:
Privacy-respecting: it’s a secret only you know, and it can’t be copied by fingerprints or face data.
Defeats biometric spoofing: when set to require the passcode after a reboot or after too many failed biometric attempts, it gives a strong layer of defense.
Encryption root: on many phones the passcode is part of the cryptographic key that decrypts storage, so a strong passcode directly increases technical security.
Where passcodes go wrong:
Weak PINs (1234, 0000) are trivial to guess or shoulder-surf.
People reuse the same PIN across devices or accounts.
Legal coercion: in some places authorities can compel you to reveal a passcode; in others they may try to force biometric unlocking instead. Laws vary.
Comparing them at a glance
| Method | Security vs spoofing | Convenience | Coercion/legal risk |
|---|---|---|---|
| Face ID (modern depth sensors) | High (depth + liveness checks) | Very high | Medium-high (can be forced; legal rules vary) |
| Basic face unlock (2D) | Low-Medium (photo/video spoof risk) | Very high | Medium-high |
| Fingerprint | Medium-High (can be spoofed with effort) | High | Medium-high (physical coercion possible) |
| Passcode / PIN | Varies (weak PIN low, long password high) | Medium (typing takes longer) | Varies by law (sometimes easier to compel disclosure) |
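To make the “encryption root” and “require the passcode after a reboot or after too many failed biometric attempts” points concrete, here is an added Python model of an unlock policy; it is my own illustration, not Apple’s or Android’s code. The passcode is stretched together with a device-bound secret to produce the verifier for the storage key, biometrics are refused after a boot until the passcode has been entered once and again after a run of failed matches, and repeated passcode failures add an escalating delay. The device secret, passcode, attempt limit and delays are constructed values.

```python
import hashlib
import hmac

# Constructed stand-in for the secret fused into the phone's secure hardware.
# Without it, a copy of the verifier is useless for offline guessing.
DEVICE_SECRET = bytes(range(32))


def derive_storage_key(passcode: str, device_secret: bytes, rounds: int = 100_000) -> bytes:
    """Passcode as encryption root: key = KDF(passcode, device-bound secret)."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), device_secret, rounds, dklen=32)


class LockPolicy:
    def __init__(self, passcode: str, max_bio_failures: int = 5) -> None:
        self.verifier = derive_storage_key(passcode, DEVICE_SECRET)
        self.max_bio_failures = max_bio_failures
        self.bio_failures = 0
        self.passcode_failures = 0
        self.bio_allowed = False  # fresh boot: only the passcode can unlock

    def try_biometric(self, sensor_match: bool) -> str:
        """sensor_match models the secure hardware's template comparison result."""
        if not self.bio_allowed:
            return "passcode required"
        if sensor_match:
            self.bio_failures = 0
            return "unlocked"
        self.bio_failures += 1
        if self.bio_failures >= self.max_bio_failures:
            self.bio_allowed = False  # fall back to the passcode after repeated misses
            return "passcode required"
        return "denied"

    def try_passcode(self, attempt: str) -> str:
        candidate = derive_storage_key(attempt, DEVICE_SECRET)
        if hmac.compare_digest(candidate, self.verifier):  # constant-time compare
            self.bio_failures = self.passcode_failures = 0
            self.bio_allowed = True  # biometrics re-enabled only after a passcode success
            return "unlocked"
        self.passcode_failures += 1
        return "denied"

    def retry_delay_seconds(self) -> int:
        """Escalating delay after five wrong passcodes, capped at one hour."""
        if self.passcode_failures < 5:
            return 0
        return min(60 * 2 ** (self.passcode_failures - 5), 3600)
```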
What I recommend and how I use my phone
I treat biometrics as a convenience layer, not as the only barrier between the world and my data. Here’s the approach I use and recommend:
Use a strong passcode or password: at minimum a six-digit PIN; better yet an alphanumeric password of 8+ characters or a longer PIN. On iPhone, I set a 6-digit minimum and sometimes use a custom alphanumeric password for sensitive devices.
Enable secure biometrics for daily use: Face ID or fingerprint for quick access. It makes secure behavior stick because I actually lock my screen instead of leaving it unlocked for convenience.
Require passcode after restart: set your phone to demand the passcode after a reboot or after a set number of failed biometric attempts. That thwarts many remote or physical bypass tricks.
Use app-level locks for sensitive apps: banking, password managers and some messaging apps can require their own PIN or biometric — useful if someone gets temporary access.
Keep software up to date: security patches fix biometric and authentication vulnerabilities. I update as soon as I can.
Be aware of legal context: if you live in or travel to a place where passcodes can be compelled, think about how you store the most sensitive materials (use encrypted containers, separate devices, or hardware tokens).
Practical tips to reduce risk
Disable simple face unlocks that rely only on a selfie camera — opt for phones with TrueDepth or structured-light systems.
Register multiple fingerprints (e.g., both thumbs) and test them in various conditions, but don’t register other people’s prints.
Turn on “erase data” after a certain number of failed attempts only if you’re comfortable with the risk of accidental wipe.
Know how to quickly disable biometrics on your device (iOS has an Emergency SOS that temporarily disables Face ID/Touch ID; Android phones have similar options). I keep that in mind whenever I’m in a situation where coercion is possible.
For the highest-stakes data, consider hardware two-factor tokens (YubiKey) or end-to-end encrypted services that can be protected by a strong passphrase separate from device unlock.
Ultimately, if you want a simple takeaway: a modern depth-based Face ID or a good fingerprint sensor is excellent for everyday protection and will stop most attackers. But your safest configuration combines both biometrics for convenience and a strong passcode as the true cryptographic key — and you should treat biometrics as a usability feature rather than the only safeguard for your most sensitive secrets.