Android security, unlock sequence too easy to hack

A study by the U.S. Naval Academy and the University of Maryland Baltimore County showed the ineffectiveness of the unlock sequence on Android smartphones

Nowadays, smartphone manufacturers equip devices with a variety of systems to protect our data. From encryption to biometrics. Think, for example, of the fingerprint sensor or the new Face ID seen on the iPhone X. Yet in spite of this there is a trend of users that endangers security.

Many people, in fact, to use the phone more quickly, or to not have to use a password or PIN every time, use a sequence of movements on the screen to unlock the smartphone. Using this screen unlocking system is the worst technique to keep our privacy safe. Compared to a six-digit alphanumeric code or fingerprint scanner, the unlock sequence is very easy to crack. According to a study carried out at the US Naval Academy and the University of Maryland Baltimore County, a sequential unlock code can be guessed and repeated even when observed by an attacker from more than 20 feet away.

The Research

To compare the ineffectiveness of the unlock sequence versus a PIN, researchers tried to remotely "spy" on the unlock-screen technique used by volunteers. Out of ten researchers in six discovered the phone's passcode when users used finger gestures on the display to activate the smartphone. Only one researcher, on the other hand, was able to guess the volunteers' six-digit PIN.

The advice

Researchers advise Android users who use an unlock sequence to at least eliminate the visual lines that track the finger swipe on the screen. This way it will be more difficult for a hacker or an attacker to understand the movements required to unlock our phone. To disable the lines on the screen at the passage of the finger just a few clicks. To do so, we need to go to Settings> Screen Lock & Password> Secure Lock SettingsĀ and disable the Visible Pattern option. Depending on the model of Android smartphone we have these steps may change slightly. In addition, the lines drawn with the finger leave obvious marks on the display of our phone, especially when it is turned off. The study has shown that through the use of smart cameras equipped with software for the recognition of lines and points, hackers can identify the unlocking sequence of a smartphone even from more than ten meters away. In short, if we really don't want to disable the unlock sequence, we need to constantly wipe our screen.