Slashdot Mirror

← Back to Stories (view on slashdot.org)

Android's Smart Lock Won't Ask You For a Password Until You Set Your Phone Down

Posted by samzenpus on from the staying-on dept.

jfruh writes Nothing confronts you with how addicted you are to your phone more than constantly taking it out of your pocket and entering your passcode over and over again to unlock. But without fanfare, Google is releasing an Android update that might solve the problem: a "smart lock" that can figure out if your phone has been set down since the last time you unlocked it. As long as it stays on your person, you won't need to re-enter your password.

20 of 127 comments (clear)

  1. Sooo .. by OzPeter · · Score: 4, Informative

    If your are carrying your unlocked phone, and you get mugged and hand over your phone, then the mugger now doesn't have to enter a passcode until he/she puts it down.

    Q. If your Android phone is unlocked, how easy is it to change the passcode?

    --
    I am Slashdot. Are you Slashdot as well?
    1. Re:Sooo .. by Thanshin · · Score: 3, Insightful

      It's rather worse if it gets stolen from your pocket.

      What situation would make you hand over your phone but not your pass?

    2. Re:Sooo .. by amck · · Score: 3, Informative

      Typically the power button automatically locks the phone, making it trivial to lock the phone in a hurry.

      --
      Anyone who believes exponential growth can go on forever in a finite world is either a madman or an economist
    3. Re:Sooo .. by XxtraLarGe · · Score: 5, Informative

      Q. If your Android phone is unlocked, how easy is it to change the passcode?

      You have to enter the old passcode before entering a new one, same thing to disable it altogether.

      --
      Taking guns away from the 99% gives the 1% 100% of the power.
    4. Re:Sooo .. by TuringTest · · Score: 2

      Q. If your Android phone is unlocked, how easy is it to change the passcode?

      You have to enter the old passcode before entering a new one, same thing to disable it altogether.

      But it's more than enough time to access all the services to which you're logged in in your browser, and possibly change your password in them.

      --
      Singularity: a belief in the "God" idea with the "demiurge" relation inverted.
    5. Re: Sooo .. by Melbourne+Pete · · Score: 5, Informative

      I was moving at speed in a tuk tuk in Phnom Penh when my phone was stolen out of my hands by two guys on a scooter. Not sure how likely that is for most people, but you did ask.

    6. Re:Sooo .. by brunes69 · · Score: 2

      Couple of mitigations

      - You can disable this feature if you want

      - You can also enable SmartLock which will lock the phone as soon as it gets out of range of another bluetooth device (smart watch or key fob)

      - Use android device manager to lock and/or remote wipe the phone as soon as possible after the theft. My wife has the ability to lock and remote wipe my phone from her phone using Android Device Manager, and I can do the same to hers.. you should set this up.

      - You could simply hold the power button in while handing over the phone, forcing a reboot and lock

      - You could get a dimple.io NFC button that lets you password lock your phone with a keypress

    7. Re:Sooo .. by TuringTest · · Score: 3, Informative

      So, you've never encountered a site with a "I've forgotten my password" option that sends you a mail to log in?

      Anyway, it's bad enough that a thief can access all data in the logged in service even if they can't change the password.

      --
      Singularity: a belief in the "God" idea with the "demiurge" relation inverted.
    8. Re: Sooo .. by Anonymous Coward · · Score: 5, Informative

      I've seen phones snatched out of people's hands by passing cyclists a good number of times where I live.

      Phone theft may sound rare, but it isn't uncommon, and thieves know that they can just grab the phone, stuff it in a tinfoil envelope, let it sit for a week or two until the battery dies, disassemble it, then sell the screen, case, and other parts for a good amount of cash. Same thing happens with bicycles. The thieves know not to sell the bike. Instead, they disassemble it, then haul the pieces to another city or state to sell. That Shimano Dura-Ace shifting set doesn't have any serial numbers, and a lot of cyclists will buy it without asking any questions if the price is right.

    9. Re: Sooo .. by Afty0r · · Score: 5, Informative

      This is one of the most common forms of phone theft these days - not the traditional "violent mugging" but the most basic form of physical robbery - grab it quickly out of someone's unsuspecting hand as they walk down the street focussed on their phone and not the world around them. Then run or bike away. I haven't known someone have their phone stolen in a "mugging-style" robbery in many years, but I personally know of four people (in London) who have had their phone stolen by this method recently.

    10. Re: Sooo .. by David_W · · Score: 2

      You may have been "Woosh!"ed here... doesn't two-factor auth usually send the verification code to your phone?

    11. Re:Sooo .. by beh · · Score: 3, Funny

      So, if a pickpocket picks it from your trouser pocket while you're walking along the street you quickly and easily dash after him to press the lock button on the phone while he's trying to make a getaway?

    12. Re:Sooo .. by jbmartin6 · · Score: 4, Funny

      you should set this up

      Why the hell would I want to give your wife the ability to erase my phone?

      --
      This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
    13. Re: Sooo .. by gnasher719 · · Score: 3, Insightful

      This is one of the most common forms of phone theft these days - not the traditional "violent mugging" but the most basic form of physical robbery - grab it quickly out of someone's unsuspecting hand as they walk down the street focussed on their phone and not the world around them. Then run or bike away. I haven't known someone have their phone stolen in a "mugging-style" robbery in many years, but I personally know of four people (in London) who have had their phone stolen by this method recently.

      It's all about risk and reward. The maximum reward is the same: One phone. The risk is much bigger for a violent crime. It takes longer. Someone might come and help the victim. The police might actually care and come after a thief who draws a knife or hits someone. The punishment is a lot higher, armed robbery + assault instead of theft.

    14. Re: Sooo .. by Obfuscant · · Score: 2

      and thieves know that they can just grab the phone, stuff it in a tinfoil envelope, let it sit for a week or two until the battery dies, disassemble it, then sell the screen, case, and other parts for a good amount of cash. Same thing happens with bicycles.

      I've heard that the batteries in a bike take much longer to run down, and it's hard to find a tinfoil bag big enough. But done right, yes, it's very effective.

  2. Re:horrible idea by tawt · · Score: 2

    You still have the lock screen, it's just not pin/swipe protected. You'd have to be doing some serious moves to swipe the lock screen away while it's in your pocket

  3. How comforting by sTERNKERN · · Score: 2

    "It can also recognize faces and remain unlocked when it sees a trusted face." I would choose that 2 seconds entering my pass over facial recognition anytime.

  4. Re:No need to lock the phone anyway by richy+freeway · · Score: 2

    because half of the "apps" are malware

    Thankfully, I only have the other half installed.

  5. On the Nexus anyway this is disabled by default by Chrisq · · Score: 2

    On the Nexus (and possibly other phones) this is disabled by default. You need to go to Settings->Security then "Trusted Agents" in "advanced". It will then be enabled but still won't do anything until you go to "Smart lock" in the Settings->Security "Screen Security" section and enable one or more of "trusted places", "trusted devices", "trusted faces", and "on body detection". I think the "Trusted devices" will be useful to stop it locking when in my car and attached to the hands free.

  6. Re:No Thanks by bill_mcgonigle · · Score: 5, Insightful

    It's just an example of a solution looking for a problem

    Is your claim that nobody is frustrated by having to frequently re-enter a passcode? You do realize that most people's "solution" to this problem is to have no passcode at all, right?

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)