Android Pattern Lock Can be Cracked in Under Five Attempts

The Pattern Lock method of securing an Android device – one of the most popular methods amongst users, which involves connecting dots with straight lines in a pattern devised by the user – can be cracked in just five attempts, researchers have discovered. Remarkably, the more complex the pattern, the easier it is to crack, the joint research from Lancaster University, Northwest University in China, and the University of Bath, and funded by the Engineering and Physical Sciences Research Council (EPSRC) has discovered.

The cracking method depends upon video recording a subject while they use Pattern Lock to open their smartphone or tablet. The video – at a range of up to nine metres – does not need to capture the screen of the device, merely a glimpse of the subject’s finger as it glides across the screen. An algorithm can then determine the pattern used to unlock the device within five attempts at an accuracy of 95%.

“Pattern Lock is a very popular protection method for Android Devices,” Dr Zheng Wang, principle investigator and co-author of the paper, and Lecturer at Lancaster University, told Phys.org. “As well as for locking their devices, people tend to use complex patterns for important financial transactions such as online banking and shopping because they believe it is a secure system. However, our findings suggest that using Pattern Lock to protect sensitive information could actually be very risky.”

“Contrary to many people’s perception that more complex patterns give better protection, this attack actually makes more complex patterns easier to crack and so they may be more secure using shorter, simpler patterns,” Guixin Ye, the lead student author from Northwest University, added.