Lock screen patterns like these are easier to predict and compromise, and really common.
The Android lock pattern has become an iconic feature since Google introduced it back in 2008, and has become a staple for many users ever since. But how much protection does it actually provide for users?
It turns out that most users have similar and predictable patterns, potentially putting millions of devices at risk of compromise.
The latest research in mobile security reveals a whopping 77 percent of users started their patterns in one of the four corners, while 44 percent began their pattern in the top-left corner of the screen. Out of the 4000 patterns that were analysed, the average number of nodes used was just five out of the nine available to users. This makes the number of possible combinations 7,152, severely limiting the highest 140,704 possible combinations when all nine nodes are used.
Marte Løge, a graduate from the Norweigan University of Science and Technology, found the habitual nature of humans could be the cause behind the alarming statistics.
"Humans are predictable. We"re seeing the same aspects used when creating a pattern locks [as are used in] pin codes and alphanumeric passwords."
When speaking to Ars Technica, Løge revealed easy screen lock patterns are comparable to bad passwords, such as “123456”, or simply “password”. Løge had several suggestions for ways to make phones more secure. By simply choosing to use more nodes, and using crossovers and complicated patterns, there is a less likely chance an attacker will see the pattern. More importantly, the Norweigan researcher suggests turning off the “make pattern visible” option in the security category of their settings, for optimal security.
Source: Ars Technica