There are a bunch of ways to unlock your Android device. More or less all devices support swipe, pattern, PIN, and password. Which should you use?

Not Swipe · Ladies and Gentlemen: Your mobile device is exquisitely personal. It opens a gateway into your recorded correspondence with your colleagues, loved ones, and enemies. It quite likely allows you to spend money on books and music and movies with a few taps on the screen.

It’s a big, scary dangerous world out there. I sure wouldn’t use swipe-to-unlock on any of my devices.

An Official Answer? · I don’t know of one. There is lots to read on the subject in the DevicePolicyManager docs and the Device Administration guide, but I’m not going to try to interpret; go read it yourself.

There’s at least one organization I know of where security is a very serious concern, and all three of those options are allowed by management.

Reverse Smudge Engineering · Last year I was touring around with a bunch of Googlers doing DevFests and Developer Days and so on, and an emergency arose when a couple of colleagues had my original Galaxy Tab and needed to use it for something, but I wasn’t there. They managed to figure out my pattern by looking at the fingerprints on the glass and it only took them a few minutes.

Maybe I’m a little greasier than average, but that’s still sobering.

My Own Choice · I’ve gone to PIN on all my devices and I’m pretty sure that it’s the best choice for me. When it comes to attackers, I do worry about them getting their hands on a lost device. But I worry just as much about the bad guys looking over my shoulder in a crowded plane or coffee shop while I unlock the phone.

The PIN has the huge advantage that it uses a nice big fat numeric keypad, and I can type it in really, really fast; I could do it right in front of you five times in a row and you’d have no clue, I bet.

Your mileage, obviously, may vary. But do please think about this, and stop swiping.



Contributions

Comment feed for ongoing:Comments feed

From: David R (Feb 13 2012, at 08:24)

I can remotely wipe or lock my device from any web browser on the planet, in the remote chance that I lose it. It's totally worth the remote chance that I misplace it to not have to be punching in my PIN a hundred times a day. It's a usability vs security tradeoff I think most people make happily.

Now, I tend to hang around with people I trust not to snoop... and I don't think anybody's going after my email for corporate espionage or blackmail, either, so that helps.

[link]

From: Splem (Feb 13 2012, at 08:28)

I once saw a woman on the bus do the most intricate swipe unlock I've ever seen. I swear it took her 10 seconds to unlock her phone. It must be inconvenient for her, but definitely resistant to over-the-shoulder spying or smudge analysis.

[link]

From: Will Roe (Feb 13 2012, at 08:32)

In section titled 'Reverse Smudge Engineering':

s/but I was wasn’t there/but I wasn’t there/

[link]

From: James Roper (Feb 13 2012, at 08:32)

I really don't think pins do anything. Who are you worried about your phone getting into the hands of? Opportunitistic thieves? They don't care about your data, they will just sell the phone, and probably wipe it first so that people won't know its a stolen phone and it can't be easily returned to you. Serious criminals that want to steal your identity, extort you, and sell your credit card details? Do you really think a PIN is going to stop them? Your personal data on the phone is not encrypted. With Android, much of your data is stored on the SD card anyway, a pin doesn't stop them from pulling the SD card out. Idiots that want to waste your money with calls overseas? They don't need a pin to do that either, just pull the SIM card out and put it in another phone. Your friends that want to post embarrassing Twitter updates as you? Ok, if that's what you want to protect your phone from, a pin is a legitimate solution. Everything else, I really don't think it helps. It's the whole security by obscurity thing, it really only serves to give you a false sense of security. If you're really concerned about data or identity theft, remote wipe is your only real option.

[link]

From: ebenezer (Feb 13 2012, at 08:49)

This is (to borrow a phrase of your own) forceful, worrying, and short. I noticed two typos, though:

6th ¶ (Reverse Smudge Engineering): “I was wasn’t there” probably should be “I wasn’t there.”

Last ¶: The last sentence needs a period.

[link]

From: ewerx (Feb 13 2012, at 08:54)

If you want to encrypt your device (which is probably a good idea) then PIN is the only choice.

[link]

From: Nicholas Sushkin (Feb 13 2012, at 09:49)

My children used to learn the path of my smudge pattern after one or two glances over my shoulder, but they can't remember a long pin.

[link]

From: Cédric Beust (Feb 13 2012, at 11:07)

Unless the keypad randomizes the digit keys every time, a pin is only marginally safer than a swipe and I bet it can be smudge-reverse engineered pretty easily.

I unlock my phone so often every day that I don't use any pin. I can brick my phone remotely very easily, which is a good compromise for my convenience.

I did use a swipe while I was an Android employee, though, since it was policy, but I was happy to drop it once I was no longer mandated to do so.

[link]

From: Greg Pfister (Feb 13 2012, at 11:36)

When phones come with an STFU button on the outside that can be used without unlocking, then there's more of a chance that PINs will be used. Fumble with a PIN in the dark during a movie when you forgot to turn it off? Not a chance.

[link]

From: Adrian (Feb 13 2012, at 15:13)

I use a 6 digit PIN, unfortunately I have to type it a lot slower than I'd like or the tablet seems to miss key strokes, which makes it vulnerable to being seen. Here's hoping that when ASUS upgrade it to ICS it'll read faster...

[link]

From: Bob Monsour (Feb 13 2012, at 19:43)

Please forgive me Tim, but being a skeptic, your encouragement to avoid swiping wouldn't have anything to do with Apple's recent assertion of it's recently issued "swipe to unlock" patent against Samsung as noted in Florian Mueller's post, here... http://fosspatents.blogspot.com/2012/02/apple-requests-us-preliminary.html

Regards,

-Bob

[link]

From: Martin (Feb 14 2012, at 04:44)

What I would like to see on my lock screen is basic info: owner (where to return the device if found), current weather and play/pause for music. Too bad stock Android does not seem to allow that, that would be nice.

[link]

From: @haroonmeer (Feb 14 2012, at 07:22)

Im genuinely surprised at the number of "it's just your phone" comments. These days it's at least also your email (making it the password reset device to a whole lot more).

Incidentally, I wrote an app last year to make use of OpenCV to automatically shoulder surf pins/passwords (for fun, not profit)

http://blog.thinkst.com/2011/07/on-screen-keyboards-considered-harmful.html

[link]

From: James Cunningham (Feb 14 2012, at 12:36)

Anyone who steals my phone (an iPhone 4) will need a password to purchase apps or books or movies; if they can bypass that then I imagine they could bypass a PIN. More distressing would be unfettered access to my email. The phone's set to request a PIN after a period of inactivity though I doubt it provides me much additional security.

That said: I'll never lose the thing (it's too integral a part of me by now) and if it's stolen I can quickly wipe it and change passwords, so this issue doesn't keep me up at night.

[link]

From: Ciaran (Feb 14 2012, at 12:52)

I can only assume all you people protecting your data with remote wiping have never considered airplane mode - surely the first action of any thief or opportunist finder who has plans other than wiping and selling.

[link]

From: Ryan Bateman (Feb 15 2012, at 14:34)

I've always wondered why the pattern-unlock wasn't simply made slightly more dynamic to deal with the smudge-hack. Upon unlock randomly give every dot a number/letter and connect your remembered dynamic pattern (swipe from whichever dot is 1 to which dot is 2, etc.). Instead of numbers could use letters and it would be part-password. Part PIN/password and part pattern. Would stop smudge hacks for PIN to an extent too.

[link]

author · Dad
colophon · rights
picture of the day
February 12, 2012
· Technology (90 fragments)
· · Android (64 more)

By .

The opinions expressed here
are my own, and no other party
necessarily agrees with them.

A full disclosure of my
professional interests is
on the author page.

I’m on Mastodon!