Even if mobile security is improved and is actually better now compared to the last decade, password leaks and privacy issues will always be a problem. It might take us days to feature the biggest leaks to date but we’re not gonna do that. What we promise to do is tell you how to safely manage passwords or at least teach you how to be safe
from ruining your lives from prying eyes.
Earlier in January, SplashData has released a list of Worst Passwords of 2014. We learned from that report not to use 12345, basketball, qwerty, and even the word ‘password’ as password. They are too common, putting the user at high risk of accounts or identities being stolen.
Genius hackers will always find a way to get into anything so us ordinary users might as well be prepared by not posting anything that would harm us or anyone. For Android, one alternative to alpha-numeric passwords is using an Android lock pattern. It’s common in most Android devices with Google patenting the idea four years back and introducing it a few years ago.
Android lock patterns were deemed effective and hard to crack that even the FBI investigators were once stumped by them. That was before because now, they can be very predictable. The sample (about 4,000) of Android lock Patterns collected and studied is small but it’s been discovered that most people follow common patterns.
Norwegian University 2015 graduate MarteLøge study on the ALPs collected as part of her master’s thesis. According to her, about 77 percent of the sample started in one of the four corners. About 44 percent started in the top left of the lockscreen. She also found out that some patterns usually started from left then moved to right or top to bottom.
Løge presented the results of her study in Las Vegas at the recently concluded PasswordsCon. Her presentation entitled “Tell Me Who You Are, and I Will Tell You Your Lock Pattern” included some estimates on how many possible combinations are there. For Android lock patterns that have four to nine modes, she said that there are about 389,112 possible combinations. She also said that 4-nodes is more popular while 8-nodes are the least popular to be used when she requested the subjects to create ALPs for special use. Other highlights of the study include the following points:
• males choose long and complex patterns more likely than females
• a specific sequence of nodes is key in how complex a pattern is
• number of nodes may determine how susceptible a pattern it to guessing tracks
• more than ten percent of sample collected were fashioned after a letter in the alphabet like C, O, N, S, M, L (see image above)
• these letters are usually the first initial of the name or anyone close to the subject
• left-handed users usually pick the same starting places as the right-handed users
Since all these can be a problem and pose security threat to anyone using Android lock patterns, tips on how to make them more secure are needed. At the end of the study, Løge recommended the following:
1.) Choose one with more nodes and a higher complexity score.
2.) Incorporate crossovers since it makes it harder for an attacker looking over the target’s shoulder to trace the precise sequence.
3.) Open the Security category in Android settings.
4.) Turn off the “make pattern visible” option.
Yes, we admit that there is always a way to hack something but there are also many ways to prevent such from happening. It’s up to you how to keep your stuff safe and secure from prying eyes and itchy fingers. Don’t be predictable. Change your routine. Regularly change passwords. Don’t share access with anyone.
VIA: Ars Technica