Lock patterns are not safe: Learn how to better protect your phone

Google introduced lock patterns in 2008. It was harder to perform thorough studies in earlier years, but this authentication technique has matured. Fast-forward to 2022, and we’ve seen better research showing up. Sadly, most results are no good news. Experts from Cornell University, Eset, and the NTNU, among others, agree that a pattern lock is an unsafe way to protect your private information. Let’s see why!

More: How to tell if someone is spying on my phone

Lock patterns are easy to remember

Passwords have all kinds of letters, symbols, and capitalization can make a difference. This format makes them very secure. Meanwhile, a lock pattern is pretty much the making of a shape, and the human brain is very good at remembering these. In Cornell University’s study, people were asked to see a person entering a pattern from different angles. These participants were then asked to act as attackers and try to unlock the device.

64.2% of them were successful after seeing the phone being unlocked with a pattern once. This number went up to 79.9% if the “attacker” got to see the phone being unlocked multiple times. Successful attacks were much lower when using a PIN. Only 10.6% of attacks were successful after a single observation of a PIN unlock, and that number increased to 26.5% with multiple observations.

This means that an attacker will likely remember your lock pattern after only seeing you input it once. Any cashier, person behind you in a line, or common acquaintance will probably see you unlock your phone at some point! And there is no real solution to this, other than making your pattern unlock more complex or being careful about unlocking your phone in front of others.

Also: How to encrypt your phone

There are some very common patterns!

We’re not always the best at creating passwords, which is why passwords like “password” and “123456789” exist. Splash Data once gave us a list of the worst (and most popular) passwords. Seeing those will open your eyes to this issue. Sadly, this hasn’t changed, as NordPass reported in 2022. As tech consumers, we look for the simplest route possible. It’s the main reason why lock patterns were created. Pattern locks provide an easier way to keep your phone protected, but we must sacrifice some security to obtain simpler unlock methods.

A system is only strong when we know how to use it, and it seems many of us are making our lock patterns way too simple. Once attackers learn more about our collective pattern choices, this will prove to be a danger.

Also: The best encrypted messaging apps

Here are some of the most common lock pattern habits

• 44% of people usually start their patterns from the top-left corner dot.
• 77% of users began their patterns in one of the corners.
• Most users use only five nodes, and a significant amount only used 4.
• Over 10% of lock patterns were made in the shape of a letter (often representing the first initial of the person or a loved one).

Choosing better lock patterns

Let’s stop giving researchers data to analyze. Remember, these devices hold your whole digital life; we shouldn’t protect something like that with an easy pattern. I’ll give you some of my favorite tips for making Android lock patterns more complex.

• Don’t use your first initial as a pattern. Seriously, that is like making your debit card PIN your birth date. That’s a huge no!
• We simplify our security and forget Android lock pattern lines can go over each other. If you have more crossovers, it’s harder for an attacker to predict your pattern.
• Try to make your patterns longer! You can use up to 9 nodes! Why are we sticking with four to five? In fact, you can get away with using eight nodes and have the same amount of possible combinations as if you were using 9.
• Of course, try to take the common pattern habits mentioned above and do the opposite. Try to start your pattern from a node that is not in a corner and avoid the typical top-left period.

How to better secure your lock screen

Smartphones come with much better alternatives to unlock patterns. Let’s tell you about some of them so you can keep your device safe.

Note: We used a Pixel 7 Pro running Android 13 for the instructions below. Keep in mind steps might be different depending on your device and hardware. This is mainly meant to be a general guide to help you through the process.

Use a password

As mentioned above, using a full password is much safer and harder to crack than an unlock pattern. You should consider switching to a full password to ensure other people can’t easily unlock your device. Additionally, it would help if you used a complex password with symbols and numbers, as well as both capitalized and non-capitalized letters.

How to set an unlock password:

1. Open the Settings app.
2. Go into Security & privacy.
3. Tap on Device lock.
4. Hit Screen lock.
5. Select Password.
6. Enter the password and hit Next.
7. Re-enter your password and hit Confirm.

Use a longer PIN

Pins can be very secure, too, as long as you don’t make them extremely simple to guess or remember. You shouldn’t use obvious PINs like “1234” or “0000.” Instead, try to randomize the numbers better and make the PIN longer. PINs need to be at least four digits, but you can make them as long as 17 digits.

How to set an unlock PIN:

1. Open the Settings app.
2. Go into Security & privacy.
3. Tap on Device lock.
4. Hit Screen lock.
5. Select PIN.
6. Enter the PIN and hit Next.
7. Re-enter your PIN and hit Confirm.

Related: How to hide apps, photos, and files

Take advantage of biometric authentication

Modern smartphones come with great security features, including biometric authentication tools. Most smartphones have fingerprint readers, while others also include face or retina detection through the camera. These are arguably safer than simple unlock patterns, and they are just as convenient and fast to use, if not more.

How to set your fingerprint to unlock the screen:

1. Open the Settings app.
2. Go into Security & privacy.
3. Tap on Device lock.
4. Hit Face & Fingerprint Unlock.
5. Enter your PIN or password.
6. Select Fingerprint unlock.
7. Tap on Add fingerprint.
8. Follow instructions. You’ll have to put your fingerprint on the sensor multiple times.
9. Hit Done. You can also select Add another to add more fingerprints.

How to set face unlock on Android 13:

1. Open the Settings app.
2. Go into Security & privacy.
3. Tap on Device lock.
4. Hit Face & Fingerprint Unlock.
5. Enter your PIN or password.
6. Select Face Unlock.
7. Scroll down, read the terms, and pick I agree.
8. Tap on Start.
9. Follow the on-screen instructions.
10. Hit Done.

Take advantage of Smart Lock!

Android smartphones now come with a great feature called Smart Lock. This allows you to bypass PINs, passwords, or any other authentication methods when it’s safe. Smart Lock can use on-body detection, trusted places, or trusted devices to determine this. For example, you can set your trusted place as your home, and the phone won’t need any authentication method when it is at said location. When using a trusted device, the phone will only be unlocked without authentication when it’s disconnected from your Bluetooth device of choice.

Smart Lock is an excellent feature for those who want better security but would also prefer unlocking the lock screen as soon and fast as possible, when there’s no risk. Keep in mind that these come with some risks, too, though. For example, your smartwatch could stay connected to your smartphone if you leave it on your desk and walk away for a few minutes. This could leave the phone unlocked and in danger of being accessed by others around you.

How to configure Smart Lock:

1. 1. Open the Settings app.
   2. Go into Security & privacy.
   3. Tap on More security settings.
   4. Select Smart Lock.
   5. Enter your PIN or password.
   6. Select On-body detection, Trusted places, or Trusted devices.
   7. Follow instructions to finish the setup.

Do you need more help keeping your phone and online services secured? We have a list of the best security apps for you. Give it a read and take the necessary precautions to keep all your data safe. Additionally, you should consider using one of the best password managers to store your passwords safely.