There are a bunch of ways to unlock your Android device. More or less all devices support swipe, pattern, PIN, and password. Which should you use?
Not Swipe · Ladies and Gentlemen: Your mobile device is exquisitely personal. It opens a gateway into your recorded correspondence with your colleagues, loved ones, and enemies. It quite likely allows you to spend money on books and music and movies with a few taps on the screen.
It’s a big, scary dangerous world out there. I sure wouldn’t use swipe-to-unlock on any of my devices.
An Official Answer? · I don’t know of one. There is lots to read on the subject in the DevicePolicyManager docs and the Device Administration guide, but I’m not going to try to interpret; go read it yourself.
There’s at least one organization I know of where security is a very serious concern, and all three of those options are allowed by management.
Reverse Smudge Engineering · Last year I was touring around with a bunch of Googlers doing DevFests and Developer Days and so on, and an emergency arose when a couple of colleagues had my original Galaxy Tab and needed to use it for something, but I wasn’t there. They managed to figure out my pattern by looking at the fingerprints on the glass and it only took them a few minutes.
Maybe I’m a little greasier than average, but that’s still sobering.
My Own Choice · I’ve gone to PIN on all my devices and I’m pretty sure that it’s the best choice for me. When it comes to attackers, I do worry about them getting their hands on a lost device. But I worry just as much about the bad guys looking over my shoulder in a crowded plane or coffee shop while I unlock the phone.
The PIN has the huge advantage that it uses a nice big fat numeric keypad, and I can type it in really, really fast; I could do it right in front of you five times in a row and you’d have no clue, I bet.
Your mileage, obviously, may vary. But do please think about this, and stop swiping.