Slashdot Mirror

← Back to Stories (view on slashdot.org)

Android Device's Pattern Lock Can Be Cracked Within Five Attempts, Researchers Show (phys.org)

Posted by msmash on from the security-woes dept.

The popular Pattern Lock system used to secure millions of Android phones can be cracked within just five attempts -- and more complicated patterns are the easiest to crack, security experts reveal. From a research paper: Pattern Lock is a security measure that protects devices, such as mobile phones or tablets, and which is preferred by many to PIN codes or text passwords. It is used by around 40 percent of Android device owners. In order to access a device's functions and content, users must first draw a pattern on an on-screen grid of dots. If this matches the pattern set by the owner then the device can be used. However, users only have five attempts to get the pattern right before the device becomes locked. New research from Lancaster University, Northwest University in China, and the University of Bath, which benefitted from funding from the Engineering and Physical Sciences Research Council (EPSRC), shows for the first time that attackers can crack Pattern Lock reliably within five attempts by using video and computer vision algorithm software. By covertly videoing the owner drawing their Pattern Lock shape to unlock their device, while enjoying a coffee in a busy cafe; for example, the attacker, who is pretending to play with their phone, can then use software to quickly track the owner's fingertip movements relative to the position of the device. Within seconds the algorithm produces a small number of candidate patterns to access the Android phone or tablet.

5 of 147 comments (clear)

  1. Re:So it you watch someone draw the pattern... by tripleevenfall · · Score: 5, Funny

    Breaking: iPhones have a zero-day vulnerability that involves you watching someone enter their password. No ETA on a fix.

  2. Re:Scratch patterns too will show the path by slimshady76 · · Score: 4, Funny

    If you leave scratches in your phone just by using it as intended, maybe look into getting a better phone.

    Hey, you have to take other possibilities into account. Maybe he's related to Wolverine...

  3. More Non-News by LeftCoastThinker · · Score: 3, Funny

    TLDR: Some dude figures out that video recording someone entering their password lets you figure out the password...

    --
    If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
  4. Re:foiled!! by Oswald+McWeany · · Score: 3, Funny

    Steve Jobs would say "you're holding it wrong."

    --
    "That's the way to do it" - Punch
  5. LOL by rebelwarlock · · Score: 3, Funny

    So after recording someone entering the unlock combination, you still take multiple tries to figure it out?