Skip to main content

Not so secure after all — Android Lock Patterns are just as easy to crack as passwords

They might seem trickier, what with their dots and lines and patterns, but as it turns out, the lock codes familiar to Android users are just as easy to crack as the alphanumeric ones used by iPhone devotees. One Master’s degree candidate at the Norwegian University of Science and Technology named Marte Løge analyzed no fewer than 4,000 Android lock patterns (or ALPs), and discovered that a whopping 77 percent begin in one of the four corners, and more surprisingly still, nearly half, at 44 percent, started at the top left. So much for creativity, eh?

Just as many traditional passwords begin with “123” or are simply the word “password,” ALPs also tend to follow rather predictable trends. And although the relative newness of ALPs (they were only introduced in 2008) has made them a bit less vulnerable to widespread attack, Løge’s work serves as a sobering reminder of how vulnerable passwords, even the newfangled sort, really are.

Recommended Videos

Upon presenting her research at PasswordsCon conference in Las Vegas, the graduate student noted, “Humans are predictable. We’re seeing the same aspects used when creating a pattern for locks [as are used in] pin codes and alphanumeric passwords.”

Interestingly enough, Løge found that men and women exhibited different tendencies in terms of password strength and complexity. While both sexes most often created ALPs that utilized just four nodes (there are a total of nine possible on Android devices), men and particularly young men were more likely to choose long and more complicated patterns. Of course, the same pitfall that faces complicated alphanumeric are present in ALPs — the more complicated the password, the more difficult it is to remember.

As such, Løge found that many people seemed to assign numbers to the node, as though it were a phone pad. Or, their patterns closely resembled letters — in fact, 10 percent of the patterns analyzed reflected some part of the alphabet. Speaking to Ars Technica, Løge said, “It was a really fun thing to see that people use the same type of strategy for remembering a pattern as a password. You see the same type of behavior.”

So what’s the solution? Løge suggests using patterns that contain a lot of crossover, making them difficult to copy or decipher. You can also turn off the “make pattern visible” setting within the Android, so wandering eyes will have an even harder time seeing what pattern you’ve chosen. But whatever you do, just be wary. Ultimately, ALPs are barely, if at all, more secure than other sorts of passcodes.

Lulu Chang
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
Leaving LastPass? Here’s how to take all your passwords with you
LastPass

 

If you, like many of us, have been happily using LastPass's excellent free tier for the last few years, you're probably dismayed that LastPass is moving to change the way its free access works. From March 16, you'll only be able to sync your LastPass database between mobile devices or computers -- but not both. So if you want to keep accessing the same passwords on your phone and laptop, you'll have to pay up and join LastPass's premium subscription for $3 a month.

Read more
Google just added 6 great features to Android, from security to accessibility
Someone holding a Google Pixel 5. The screen is on and shows the Home Screen with an app folder open.

Google is bringing a range of extra features to Android, and you don't have to wait for Android 12 to get them. The company announced a series of features across the Android system, with six main updates, so there's a little something here for everyone.

The new features are starting to become available now, however, they're coming out as part of separate app updates or Android updates, so you might get some before others.

Read more
Baseus power banks are the best way to charge your phone after these discounts
A woman holding a phone with a Baseus Am41 Magnetic Power Bank attached to it.

One of the worst things about being a doomscroller isn't the information you're getting, it's the fear that your battery will die and the scrolling will have to end. This is especially true if you're stuck without power, waiting for the doctor or dentist to finally call your name, or have any other sort of emergency. But, Baseus has you covered with their excellent selection of on-the-go power banks made for your iPhone. Since they're small and fit directly to your phone's magnet charging area, you can think of them more as battery extenders than anything. Plus, if your phone's internal battery is starting to have battery trouble, a Baseus charger is a great way to avoid an annoying battery change session. The best news, however, is that they're all on sale. Here's what you can expect to see coming up:

Baseus Am31 Mini Power Bank — Was $70, Now $50

Read more