We here at Techlicious do a lot of reporting on how unsafe many peoples’ passwords are – using “1234,” “Password” or your dog’s name just doesn’t cut it security wise. Now, a new analysis of Android lock pattern passwords conducted by Norwegian University of Science and Technology graduate Marte Løge reveals that many lock patterns are trivial and easy to guess.
“Humans are predictable,” Løge explained to the Ars Technica blog. “We’re seeing the same aspects used when creating a pattern … [for] PIN codes and alphanumeric passwords.”
According to Løge’s analysis of over 4,000 Android lock patterns, a significant number of people use the minimum number of four nodes, making it far easier for hackers to guess your pattern. Worse yet, the research shows that 44 percent of people start in the top left-most node and 77 percent start in a corner, further trivializing those shortened patterns. Many people follow up their left-hand start with a move to the right; while those who are at a top node typically then move to the bottom. And 10 percent of others make the mistake of forming a letter with their lock patterns.
How do you prevent having an easily guessed Android lock pattern? Løge recommends using longer sequences – there are only 1,642 possible combinations with a four-node pattern, while there are 140,704 combinations with an eight-node pattern. Don’t start your lock pattern with the top left-hand corner. And if possible, upgrade your device to one with a fingerprint lock – Android Marshmallow 5.0, coming later this year, will support the feature. (You can read more about the rest of the new features waiting in Android 5.0 right here on Techlicious.)
[Image credit: Google]