Android lock patterns as predictable as common passwords

Know how a lot of people tend to use passwords such as "123456" or, well, "password?" Well, turns out Android lock patterns (ALPs) are just as predictable. Norwegian University of Science and Technology graduate Marte Løge analyzed 4,000 patterns for her master's thesis and found that 77 percent of the participants started from one of the four corners, and 44 percent started their patterns from the top left one. Løge presented her findings at the PasswordsCon conference in Las Vegas, where she told Ars Technica that "We're seeing the same aspects used when creating pattern locks [as are used in] pin codes and alphanumeric passwords."

She also deduced based on the mock patterns the participants created for her that most people use only four nodes, with eight-node locks being the least popular. Also, around 10 percent of the patterns use nodes that form letters (imagine how to write C or M or N using the pattern lock), which are usually the first initial of a participant's child or significant other.

Ars notes that researchers need to look deeper into pattern lock use for more definitive results, as ALPs are still new. If you want yours to be secure as possible, though, Løge suggests incorporating crossovers, not starting from a corner, using as many nodes as possible and switching off "make pattern visible" to protect yourself from villainous shoulder surfers. We'd like to add cleaning your screen to that list, because finger smudges give your patterns away, as well.