Study finds that Android lock patterns tend to be too simple, just like passwords

Study finds that Android lock patterns tend to be too simple, just like passwords
A study conduced by a woman named Marte Løge, a graduate of Norwegian University of Science and Technology, found that Android users choose to set similar lock patterns that might be too easy for others to figure out. The study looked at 4000 patterns created and discovered that 77% of the patterns started from one of the four corners. 44% of the patterns created began from the top left corner.

Obviously, the more nodes used in the creation of the pattern, the larger the number of possible combinations and the harder it is for someone to discover your lock screen pattern. The average number used in the study was five, which means that the average lock screen selection was one in 7152 possibilities. A large number of users selected just four nodes meaning that their lock screen pattern was one in 1624 possibilities. As a comparison, those who used eight or nine modes had a pattern that was one in over 140,000 possible combinations.

Løge, who created the study for her thesis, asked those participating to create three patterns. One was for a make believe banking app, one was for a make believe shopping app, and one was to unlock a smartphone. The minimum four node pattern was used the most by both men and women, followed by a five node pattern. Even though both eight and nine node patterns have the same possible combinations, for some reason fewer people chose an eight node pattern than one containing nine nodes. In fact, the former was the least selected option used for a lock screen pattern in the study.

Besides the number of nodes, more complex patterns are harder to figure out. Just like studies have shown that the most common passwords are "1234567," "Password," and "Letmein," 10% of the lock patterns created for the study were fashioned after the shape of a letter in the alphabet. And that letter was often the first initial of a spouse or child. Løge's work also showed that young men are more apt to create a complex pattern that is harder to discover.

Løge says that to create a successful lock pattern, use a high number of nodes, make the pattern complex with crossovers, and turn off the "make pattern visible" option so that someone can't look over your shoulder to discover your lock pattern.

source: ArsTechnica



45. brd8951

Posts: 26; Member since: Nov 23, 2011

I'd like to see an explanation on the math used to determine the possible outcomes. By my calculation, a 4-node pattern has 3,024 possible outcomes (9x8x7x6), a 5-node pattern 15,120 (9x8x7x6x5) and an 8/9-node pattern 362,880 possible outcomes (9x8x7x6x5x4x3x2). What am I missing here?

44. xondk

Posts: 1904; Member since: Mar 25, 2014

Seriously, this sounds like a biased article it would be 100% more accurate to say: People use too simple passwords and patterns because they fear forgetting them. And this is done on across the board, regardless of brand of phone and also done on computers, it is really no surprise.

43. duartix

Posts: 311; Member since: Apr 01, 2014

Want to break an unlock code? Forget all about brute forcing, just follow the grease marks...

41. SupermanayrB

Posts: 1188; Member since: Mar 20, 2012

I've never had a password on my phone. It's an inconvenience. Plus, my phone is on me 99% of the time.

37. HASHTAG unregistered

My friend would get frustrated every time I got into his phone. That what happens when your password is a check mark.

36. gdawilson

Posts: 299; Member since: Jul 21, 2014

I'd still rather have my pattern than have a fingerprint reader

35. Awaragardiyan unregistered

Guilty 4 5 6 9

34. Awaragardiyan unregistered

Guilt ! 4 5 6 9

32. arch_angel

Posts: 1651; Member since: Feb 20, 2015

That's Why My Pattern Uses Every Dot. But I Use Finger Print Now.

25. Zack_2014

Posts: 677; Member since: Mar 25, 2014

FIngerprint on my S6 :)

20. samystic

Posts: 242; Member since: Mar 25, 2012

just imagine your phone screen is a pure fingerprint magnet... just tilt the phone to see the pattern left by oily fingers... ta da! easy to guess the password on Android...

23. shuaibhere

Posts: 1986; Member since: Jul 07, 2012

it is applicable for pins too..

28. tomn1ce

Posts: 248; Member since: Mar 12, 2012

Thats why I swipe the display of the phone before putting it down. This way I clean the pattern of the display. Even if I leave it unlocked and unattended I use facelock to secure all the sensible apps that can compromise my data. Both patterns are difficult since a I use 9 nodes patterns.

18. thetreblemaker

Posts: 5; Member since: Apr 24, 2015

there's still a million possibilities to break the pattern code. besides, someone who steal your phone won't do a STUDY to break it.

16. redmd

Posts: 1965; Member since: Oct 26, 2011

Next conclusion : it's hard to unlock phones with fingerprint scanner.


Posts: 21; Member since: Aug 17, 2015

It sure is with the Galaxy S5 like someone noted above.

15. Cyberchum

Posts: 1142; Member since: Oct 24, 2012

I used MazeLock on Symbian Belle and it's way more complex and hence, secure. You can reconnect a point which isn't possible on Android's pattern lock. I jumped the Android bandwagon with SGS2 on ICS and was surprised not to see that flexibility.

21. samystic

Posts: 242; Member since: Mar 25, 2012

is it Nokia 808 Pureview?

38. Cyberchum

Posts: 1142; Member since: Oct 24, 2012

No, Nokia 603, but it worked for all models based on Symbian ^3 to Belle FP2.

14. phonehome

Posts: 812; Member since: Dec 19, 2014

I just use a 4 digit passcode. I always keep my phone locked when not in use, and it is too tedious always enter something more complicated. Also, I have a GS5, so no fingerprint reader (no useful one anyway). Go ahead, call me Skroob if you must :)

26. Kakarot

Posts: 57; Member since: Jul 31, 2015

Well.. i have near 100% recognition rate on s5 because i have set up the reader in such a way that it does recognise the swipe everytime barring when my finger is wet.

13. senseiJ

Posts: 172; Member since: May 02, 2015

Pa where is your editor? Your first sentence was horrid. Smh

11. Awalker

Posts: 1987; Member since: Aug 15, 2013

I have a really simple lock screen pattern so I won't forget it.

10. dimas

Posts: 3461; Member since: Jul 22, 2014

Shame on me, got 3 digit/alphabet passcode on my phone and work pc and still nobody can figure it out even if I leave them on my desk.

7. RebelwithoutaClue unregistered

Wow someone from the university did a study to come to this conclusion.. Next up a study that shows us most people like their coffee hot

8. Settings

Posts: 2943; Member since: Jul 02, 2014

Or how old losers get their hair bald.

12. Ordinary

Posts: 2454; Member since: Apr 23, 2015

22. shuaibhere

Posts: 1986; Member since: Jul 07, 2012

you seem to be affected by should have a bald head..

24. Ordinary

Posts: 2454; Member since: Apr 23, 2015

lol nah check out big brody and you will understand

9. Settings

Posts: 2943; Member since: Jul 02, 2014

Or how old losers get their hair bald.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit for samples and additional information.
FCC OKs Cingular's purchase of AT&T Wireless