The predictability of people can hardly be overestimated. This predictability can be easily exploited when it comes to things like passwords, secret words, PINs, and more. Many of us use names, birthdays and others to easily guess things like passwords, not to mention the really obvious "12345", which is still amazingly popular. But what about lock screen templates, are we predictable there when we create them? As it turns out - we are.
Marte Løge, a researcher from the Norwegian company Itera, made an analysis of what standards people really create when asked to do it for three occasions: shopping app, smartphone lock screen, and online banking, respectively. The results are quite impressive.
First, there is a strong relationship between the type of application that someone wants to lock and the power of the template. People tend to use less powerful templates to lock their smartphone screen than for online banking or even for shopping apps.
Secondly, many people, about 10% of the thousands surveyed by Løge, are using letter-like motifs, which are equivalent to "12345" codes and by any means can not be considered powerful enough to protect anything .
Third, there are about 390.000 combinations that a hacker can guess, but the number of combinations can be reduced due to the human factor. Most of the combinations mentioned above contain eight or nine points, but unfortunately they are not used. Instead the real crowd is about 100.000 combinations.
Another strange fact is that women tend to use patterns weaker than men. And the age of a person also plays a role: the younger you are, the more likely you are to use a stronger pattern. Thus, knowing the gender and age of the person can actually help to predict the pattern he or she is using.
What can we learn from this research? Basically, if you use templates to block the Android screen or some sensitive applications, and you really want to protect your data, the best strategy is to act like no other. And these are our tips:
1. Never use obvious combinations such as letter-like motifs. Using this weak pattern is like not using any pattern or password.
2. Use one of the starting points that are rarely used: the best is in the middle of the right side. The bottom right corner is also good.
3. The best lengths for a pattern are 8 points or 9 points: First, it gives you a huge number of possible combinations and secondly, these lengths are less popular.
4. And of course, think about changing from code to pattern. It can be easier to remember the password, even a very large, than a fairly powerful pattern.