Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Wednesday September 27 2017, @11:48AM   Printer-friendly
from the I-saw-what-you-did-there dept.

As reported by Techtimes, When it comes to unlocking your Android phone, Patterns are out and Pins are back in.

The full study: Towards Baselines for Shoulder Surfing on Mobile Authentication (PDF) (open, DOI: 10.1145/3134600.3134609) (DX) was conducted by the Naval Academy and University of Maryland.

Security researchers at the U.S. Naval Academy, together with the University of Maryland Baltimore County, published a study showing how a casual onlooker can visually memorize a person's pattern then recreate it with ease. In the tests, they found that two out of three people were able to recreate six-point unlock patterns purely by looking at them from 5 or 6 feet away.

[...] Those same conditions were then replicated with a more traditional six-digit PIN code, which proved far more difficult, with only one out of 10 observers able to recreate the PIN code after peeking.

With multiple chances to view your pattern or pin, the ability of an observer to unlock your phone grows:

In the online tests, 64 percent were able to recreate the Android-style pattern after merely one viewing, but that shot up to 80 percent after a second viewing. PIN codes, meanwhile, rendered much lower vulnerability percentages: only 11 percent were able to identify a six-digit PIN after viewing it once, and 27 percent after viewing it twice.

Apple's new FaceID, previously covered Here on SN and explained more fully on Techcrunch's extensive article has its own problems and annoyances, as well as the fear of being grabbed by police, cuffed, and your phone being held in front of your face before you have time to hit 5 button presses it takes to shut off FaceID. The phone is too new for any independent tests to have been run using pictures or movies of your face.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by FatPhil on Wednesday September 27 2017, @09:32PM

    by FatPhil (863) <pc-soylentNO@SPAMasdf.fi> on Wednesday September 27 2017, @09:32PM (#574050) Homepage
    I did all the calculations on a 3x3, and then just before posting I thought "shit, I've forgotten the 0", as I realised I was letting PINs use "0", but swipes not, thought that was unfair, and decided to redo them. I've never had a phone with such a lock, and if 0's aren't allowed, then of course the entropy values will be lower.
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2