SoylentNews

frojack writes:

As reported by Techtimes, When it comes to unlocking your Android phone, Patterns are out and Pins are back in.

The full study: Towards Baselines for Shoulder Surfing on Mobile Authentication (PDF) (open, DOI: 10.1145/3134600.3134609) (DX) was conducted by the Naval Academy and University of Maryland.

Security researchers at the U.S. Naval Academy, together with the University of Maryland Baltimore County, published a study showing how a casual onlooker can visually memorize a person's pattern then recreate it with ease. In the tests, they found that two out of three people were able to recreate six-point unlock patterns purely by looking at them from 5 or 6 feet away.

[...] Those same conditions were then replicated with a more traditional six-digit PIN code, which proved far more difficult, with only one out of 10 observers able to recreate the PIN code after peeking.

With multiple chances to view your pattern or pin, the ability of an observer to unlock your phone grows:

In the online tests, 64 percent were able to recreate the Android-style pattern after merely one viewing, but that shot up to 80 percent after a second viewing. PIN codes, meanwhile, rendered much lower vulnerability percentages: only 11 percent were able to identify a six-digit PIN after viewing it once, and 27 percent after viewing it twice.

Apple's new FaceID, previously covered Here on SN and explained more fully on Techcrunch's extensive article has its own problems and annoyances, as well as the fear of being grabbed by police, cuffed, and your phone being held in front of your face before you have time to hit 5 button presses it takes to shut off FaceID. The phone is too new for any independent tests to have been run using pictures or movies of your face.

Original Submission