Stop to Unlock - Improving the Security of Android Unlock Patterns

Suchan, Alexander and von Zezschwitz, Emanuel and Krombholz, Katharina
(2019) Stop to Unlock - Improving the Security of Android Unlock Patterns.
In: Workshop on Usable Security and Privacy (USEC) 2019.
Conference: NDSS - Network and Distributed System Security Symposium

[img]
Preview
Text
usec2019_04-2_Suchan_paper.pdf

Download (317kB) | Preview

Abstract

Android unlock patterns are among the most common authentication mechanisms on mobile devices. They are fast and easy to use but also lack security as user-chosen gestures are easy to guess and easy to observe. To improve the traditional pattern approach, we propose Stop2Unlock, a usable but more secure modification of the traditional pattern lock. Stop2Unlock allows users to define nodes where they stop for a limited amount of time before swiping to the next node. We performed a lab study (n=40) and a field study (n=14) to show that this small change in user interaction can have a significant impact on security with a minimal impact on usability. That is, user-selected Stop2Unlock patterns are significantly harder to guess while being comparable in terms of usability. Additional analysis showed that users perceived the stop component as a rhythmic and memorable cue which supported the selection of higher entropy patterns.

Actions

Actions (login required)

View Item View Item