Why pattern locks are not secure on Android (and what to use instead)

1024 1024 Konductor

Even the most stubborn of today’s technophobes appreciate that contemporary smartphones have become treasure chests of personal data. Information such as your credit card numbers, addresses and scanned personal documents all reside within their memory banks. Naturally, with them holding such sensitive data, it is common practice to add a security layer to prevent others from accessing it.

A common security method is to deploy a pattern lock (figures suggest around 40% of Android users opt for these over passcodes). Pattern lock are appealing to these users mainly because they’re easier to enter and also because it’s difficult for others to see you tap the letters or numbers. The question few ask though is; are pattern locks really that secure?

 

Risks of Pattern Locks

According to security research from Northwest University in China, Lancaster University, and the University of Bath, 95% of Android patterns can be accurately guessed within 5 attempts maximum. The studies revealed that hackers can work out pattern locks by filming users as they enter them, and they don’t find it difficult.

The hacker can be up to two and a half meters away and using only their own smartphone’s camera, record you entering your pattern lock with sufficient precision. A committed hacker using a digital SLR camera, can be as far as nine meters away and the size of their target phone’s display matters not a jot.

Having secured the video footage, they then apply a computer vision algorithm to process your finger movements. Within seconds, the algorithm provides the hacker with a range of possible pattern lock combinations to try.

So, surely then it’s safer to use more complex patterns? Unfortunately, this isn’t the case. It seems to fly in the face of logic, but the more intricate the pattern, the easier it is to guess as the algorithms find them easier to narrow down possible combinations. In light of this, it’s all the more worrying that Dr. Zhheng Wang, principle investigator and co-author of the study, made the point that people tend to use more complicated patterns when trying to protect important financial information.

The advice for those unwilling to change the pattern lock method to a password or pin, is to thus use a shorter one. The researchers also advise that users conceal their displays when entering their pattern lock, as they would when entering their pin at a cash machine

Keeping your smartphone’s display clean is also recommended because the smudges on a phone screen can act as a map to the pattern lock’s route.

 

Pattern Lock Alternatives

If this piece has convinced you to ditch the pattern lock, a pin, face recognition access or a fingerprint (if possible) are considered safer options. Traditional passwords are also a preferred option, but they need to be long to assure adequate security and ideally be peppered with a few special characters to bolster security even more.

Of course, when creating your password, avoid personal and obvious information such as favourite football teams or your wedding anniversary.

 

Conclusion

Locking your Android device with a pattern lock is undoubtedly more convenient, but it’s not the safest method. Passwords take a bit longer to enter but they’ll do a better job of keeping your data safe and these days, that’s not a matter to take lightly.

 

What security method do you use? Drop a comment and let us know.

AUTHOR

Anthony McNamara

All stories by: Anthony McNamara