Sign In

Communications of the ACM

ACM TechNews

Your Android Device's Pattern Lock Can Be Cracked Within Five Attempts


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Using Pattern Lock on a smartphone.

The Pattern Lock system used to secure millions of Android smartphones can be cracked within just five attempts, and more complicated patterns are the easiest to crack, security experts reveal.

Credit: Lancaster University

Researchers at Lancaster University and the University of Bath in the U.K., and Northwest University in China, have found attackers can crack Android's Pattern Lock security system within five attempts by using video and computer-vision software.

An attacker can covertly record the owner drawing their pattern lock shape to unlock their device, and then use software to track the owner's fingertip movements relative to the position of the device. Within seconds, the algorithm produces a group of candidate patterns to access the Android phone or tablet.

The researchers also found the attack works even without the video footage being able to see any of the onscreen content, regardless of screen size.

The team evaluated the attack using 120 patterns collected from independent users, and they cracked more than 95% of patterns within five attempts.

Although complex patterns are used to make it harder for observers to replicate, the researchers found these shapes are in fact easier to crack because they help the fingertip algorithm to narrow down the possible options.

"Contrary to many people's perception that more complex patterns give better protection, this attack actually makes more complex patterns easier to crack and so they may be more secure using shorter, simpler patterns," says Northwest University's Guixin Ye.

From Lancaster University
View Full Article

 

Abstracts Copyright © 2017 Information Inc., Bethesda, Maryland, USA


 

No entries found