Researchers found your Android lock screen pattern can be hacked in just 5 attempts

Impact

The 40% of Android users who utilize a lock screen pattern to protect their phone should be wary: Researchers at the University of Lancaster, Northwest University in China and the University of Bath have found it is easy to hack a lock screen pattern.

Android users have the option to draw a pattern instead of entering a passcode or using their fingerprint to unlock their device. There are nine nodes you can use to create a lock screen pattern, which means there are 389,112 possible pattern lock codes. That sounds like it would be pretty secure, but it's not.

All it takes is a camera and software

In a paper, the University of Lancaster researchers say that making the password can be cracked by recording someone drawing their pattern, Business Insider reported. And the spy doesn't have to be up close and personal. Simply recording someone's hand movement from around 6.5 feet away using a smartphone or 29.5 feet away using a professional SLR camera can provide enough footage to crack the code. A software can use the footage to use "the geometry information of the fingertip movement trajectory to identify the most likely patterns to be tested on the target device."

It can crack patterns 95% of the time

The study tested this using a computer algorithm to discover patterns and 95% of the time, in 120 unique passwords from 215 users, a smartphone code could be cracked in five or less attempts. And, as counterintuitive as it may seem, complex patterns were simpler to hack than more common ones since they are more unique and easier to identify.

"As well as for locking their devices, people tend to use complex patterns for important financial transactions such as online banking and shopping because they believe it is a secure system," Zheng Wang, lead investigator and co-author of the paper, told the Mirror. "However, our findings suggest that using Pattern Lock to protect sensitive information could actually be very risky."

Previous research found commonalities in people's choice of patterns

Couple this with the 2015 findings by Marte Løge, a graduate of the Norwegian University of Science and Technology, and your lock screen pattern is not as secure as you'd imagine. Løge studied around 4,000 Android pattern locks to find some passcode habits were used more by people than others, as previously reported by Mic. For instance, 44% of lock screen patterns start at the node on the upper left corner, 77% of the patterns start at one of the four corner nodes, and more than 10% of Android users pick a pattern shaped like a letter of the alphabet. There were gender differences too: men opted for longer and more complex patterns than their female counterparts.

How to protect yourself

The researchers advise users to play around with the screen color and brightness while drawing the pattern, mixing pattern locking with other forms of security, or opting for a different measure (e.g. fingerprint or iris scan) your device offers.