This study shows that the unlock pattern you use is easy to predict
One of the security features of Android is the ability to configure a security pattern. Nine points, hundreds of thousands of combinations (ie 389 112), a system that is not particularly sure is that despite offering so many possibilities exist, never better, common patterns when configured.
You could say that there are “12345” and “password” release patterns. Predictable combinations that with a little luck you could get in a few attempts. Do not you think so? Then pay attention to the study of Mars Løge showing that this feature set makes us predictable.
We are designing predictable patterns
Løge is a student at the University of Science and Technology in Norway. In his thesis for the master did a study that analyzed data from more than 4,000 safety standards in Android. The study provides some very strong figures: 44% starting in the upper left node, 77% begin in one corner and the middle has a length of five points.
Considering the latest data, we note that with only five points we can make a total of 9,000 combinations in a 3×3 grid nodes. There is a worrying percentage of people using only four points which further reduces employers, specifically 1,624.
Another interesting finding is that in most patterns are movements from left to right and top to bottom. Here I miss the nationality of the data since that order of addresses is very Western, probably in countries where it is written from left to right the figure changes.
“We predictable” Løge said in his speech at the PasswordsCon held last week in Las Vegas. Their study was not to analyze the patterns they asked a sample of people to design three types of standards one for a bank, another for a store and finally a third to unlock the phone.
Despite the signs, the percentages show that most people opted to make combinations of four while a few less decided to use five. Popular least eight nodes, one curiously increase slightly more data.
Screening data by gender, Løge found that men tended to make longer combinations while women were betting on shorter patterns. The sample was made more complex patterns of young men. What then can be done to make it safer? Add complexity.
Løge explains that it is putting more nodes but the line is not only difficult to predict. With nine points we can make such a spiral or scroll snake points. If you opt for other, even if they have fewer points, we can do that is likely to find it out harder. Yes, it takes longer to do the trace when we turn on the screen but is safer.
With the data collected this research, he established a scale of complexity, the lowest being 6.6 and the highest value 46.8. The average of the studied patterns was 13.6. Somewhat low but keep in mind that they are difficult and complex, not easily remember. The highest it had found difficulty 44.6.
If you make a letter on the unlock pattern, it’s basically like having password “12435”. Understandably, not everyone wants to go to a difficult pattern to draw and take us any second. Still, no compromises: be a little more creative and disable the Security menu option of drawing trace when trace the pattern.