Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

New data uncovers the surprising predictability of Android lock patterns

  • 16-09-2015 1:36pm
    #1
    Closed Accounts Posts: 720 ✭✭✭


    Just been reading this month's Cryptogram newsletter and saw a link to this very interesting article:

    weak-android-lock-patterns-640x380.png
    The abundance of password leaks over the past decade has revealed some of the most commonly used—and consequently most vulnerable—passphrases, including "password", "p@$$w0rd", and "1234567". The large body of data has proven invaluable to whitehats and blackhats alike in identifying passwords that on their face may appear strong but can be cracked in a matter of seconds.


    See full article : http://arstechnica.com/security/2015/08/new-data-uncovers-the-surprising-predictability-of-android-lock-patterns/


Comments

  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    I must confess I have been guilty of using the "N" pattern... I have never thought the pattern offered as much security as a code in that the very reason patterns are popular over passphrases i.e they are easier to remember is precisely what makes them vulnerable. Still I'd be very interested to hear all your thoughts on this.


  • Registered Users, Registered Users 2 Posts: 6,966 ✭✭✭CelticRambler


    Maybe they're underestimating the general public's appreciation that even a "secure" password is of limited usefulness when data miners can figure out all the "important" stuff about us anyway.

    I have one of those simple lock patterns, not because I'm bothered by someone stealing my data but because Google-Android haven't yet provided a way to stop my icons from moving themselves all around the screen. Bloody annoying though, as even the simple one can take three goes to unlock if I'm doing it left-handed or sideways or with cold fingers in the rain.


  • Registered Users, Registered Users 2 Posts: 17,371 ✭✭✭✭Zillah


    Mine is a counter intuitive nine-point unlock and I have the GUI feature where they light up disabled, so people looking over my shoulder can't really see it either. The "three failed attempts to unlock with increasing fury" period only lasted about six months...


  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    Some very interesting thoughts, thanks guys!

    Of course this would only be a problem if your device were stolen or seized, still that's much more likely to happen than for you to be targeted by hackers!


  • Registered Users, Registered Users 2 Posts: 17,371 ✭✭✭✭Zillah


    Can someone more mathematically minded explain why an eight point code is no more secure than a nine point code, please?


  • Advertisement
  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    Zillah wrote: »
    Can someone more mathematically minded explain why an eight point code is no more secure than a nine point code, please?


    You asked!

    http://commons.erau.edu/cgi/viewcontent.cgi?article=1026&context=db-security-studies


  • Registered Users, Registered Users 2 Posts: 17,371 ✭✭✭✭Zillah


    Can someone more mathematically minded explain why an eight point code is no more secure than a nine point code, as though explaining to a child, please?

    EDIT: Wait, I just got it I think. If you've used 8 of 9 possible input points, there is only one remaining point to choose from, so there are effectively no further variations?
    EDIT: Actually I'm not entirely sure that makes sense...


  • Closed Accounts Posts: 3,006 ✭✭✭_Tombstone_


    Use Pin or Pattern (not the word lock) if using Lollipop, another new bug out for crashing the lock and accessing the Main Screen, as simple as entering a big huge password.

    http://www.theguardian.com/technology/2015/sep/16/android-lockscreen-password?CMP=twt_gu


Advertisement