Researchers Crack Android’s Popular Pattern Lock Security Within 5 Attempts

If you think your Pattern Lock system is keeping your Android safe, guess again. Researchers from Lancaster University, Northwest University in China, and the University of Bath have demonstrated that attackers could easily unlock a phone in less than five attempts.

First off, what is Pattern Lock? In order to unlock a device’s content or functions, users must draw a pattern on a grid of dots. Users typically have five chances to get it right before they are locked out. 40% of Android users utilize Pattern Lock and prefer it over using a PIN or password.


Researchers took video of owners unlocking their phones with Pattern Lock. The attacks worked regardless of screen size or content on the phone’s screen, and were able to be tracked from roughly eight feet away. Hackers were then able to use software to track the owner's fingertip movements relative to the position of the device. The researchers collected 120 patterns and were able to unlock 95% of them within five attempts.

Ironically, the more complicated passwords were easier to crack. Guixin Ye, the leading student author from Northwest University, remarked, “Contrary to many people's perception that more complex patterns give better protection, this attack actually makes more complex patterns easier to crack and so they may be more secure using shorter, simpler patterns”. Researchers were able to uncover all but one of the “complex” patterns, 87.5% of the “medium” patterns and 60% of “simple” patterns on their first attempt.


How can you prevent your Pattern Lock from being cracked? The researchers of this project recommend covering your fingers as you crank out your pattern and adding other security measures “such as entering a sentence using Swype-like methods”. They also believe that fluctuating screen color and brightness could potentially confuse the cameras used by hackers.