Predictable Android lock patterns

Posted to Statistics  |  Tags: , ,  |  Nathan Yau

Passwords are annoying, which is why so many people use passwords that are less than secure. Maybe the keys are a bit shorter than they should be, match a word in the dictionary, or are repeats across services. In these cluster of passwords, patterns become obvious.

Marte Løge, for her master’s thesis at Norwegian University of Science and Technology, wondered if similar rules applied to Android lock screen patterns. Dan Goodin for Ars Technica explains:

Data breaches over the years have repeatedly shown some of the most common passwords are “1234567”, “password”, and “letmein”. Løge said many ALPs suffer a similar form of weakness. More than 10 percent of the ones she collected were fashioned after an alphabetic letter, which often corresponded to the first initial of the subject or of a spouse, child, or other person close to the subject. The discovery is significant, because it means attackers may have a one-in-ten chance of guessing an ALP with no more than about 100 guesses. The number of guesses could be reduced further if the attacker knows the names of the target or of people close to the target.

So wait a minute. What’s a lock screen?

Favorites

Interactive: When Do Americans Leave For Work?

We don’t all start our work days at the same time, despite what morning rush hour might have you think.

Unemployment in America, Mapped Over Time

Watch the regional changes across the country from 1990 to 2016.

A Day in the Life of Americans

I wanted to see how daily patterns emerge at the individual level and how a person’s entire day plays out. So I simulated 1,000 of them.

Graphical perception – learn the fundamentals first

Before you dive into the advanced stuff – like just about everything in your life – you have to learn the fundamentals before you know when you can break the rules.