If an app had my personal info and knew the trends that make Android Lock Patterns insecure, it could suggest one that wouldn’t be as easily cracked.
Well, using a pattern to lock your Android is more advisable than using no screen lock at all. A “significant” proportion of patterns studied used just four nodes, where only 1,624 combinations are possible.
The now-familiar security feature requires the user to swipe their finger across a number of nodes in a 4×4 block to leave a distinctive pattern which when entered, unlocks the phone. To stay secure, avoid using shapes that look like letters, and stick to patterns that use five or more of the nine nodes.
“Humans are predictable”, according to Løge, “we’re seeing the same aspects used when creating a pattern locks [as are used in] pin codes and alphanumeric passwords”. She says to make your pattern more secure choose more nodes, have a crossover with the same node twice and turn off the make pattern visible option.
For her masters thesis, Løge examined some 4,000 lock patterns and discovered a set of common bad practices; the pattern-lock equivalent of starting your passwords with “123”. Very often, patterns moved from left to right and top to bottom. They’re easy to guess, and you’re probably using one. Add to that the fact that numerous patterns only went through four nodes (out of a maximum of nine), and the patterns become exceedingly easy to guess.
Men were more likely than women to choose long and complicated patterns, but interestingly there was little difference between the patterns chosen by right-handed and left-handed participants.
In doing so, this could give someone attempting to access the phone a potential one-in-ten chance of gaining access. Løge says 10 percent of patterns create a letter (like an “N” or “O”, seen above).
Løge told Ars Technica, that there are ways to make these pattern passwords better and also provided some tips to help users.
She also advises that users need to switch off the “show pattern” by going in the security settings of their phone’s device. Now we have lock patterns for getting into our Android devices, called Android Lock Patterns, or ALPs, for short that take the place of our passwords. And maybe don’t start from the top-left node.