Android lock patterns are highly predictable, could give people access to phones

Like normal passwords, people tend to choose very obvious patterns, research finds

Click to follow
The Independent Tech

The lock patterns that keep Android phones secure are mostly very easy to guess, new research has found.

Rather than using traditional passcodes or passwords, Android phones let people draw a pattern between nine different “nodes” that are shown on the screen. It’s intended to make the codes easier to input and harder to guess — but people are liable to the exact same mistakes as with their passwords, research has found.

Despite there being nearly 400,000 possible combinations of codes, an analysis by Martle Løge of the Norwegian University of Science and Technology of 4,000 of them found that they largely bore huge similarities.

Of those studied, 44 per cent began in the top left corner, for instance. And 77 per cent started in one of the four corners.

Passcodes tend to be a simple swipe from the left side to the right side, or from top to bottom, the research found.

Users also tended to use the minimum amount of “nodes” — four — despite Android offering up to nine. Each extra node makes the pattern far more complex.

To make the patterns more secure, users should ensure that they change direction during them. They should also use as many nodes as possible and make sure that the patterns are more complex.

The weak patterns are similar to the weaknesses found in passwords, where many people tend to use “password” or “123456”. In response to that, security experts are looking to make the sign-in process less easy to crack — using webcams, fingerprints or even brain implants and swallowable computers — but all of them have their own drawbacks.

Comments