You may have already heard of the security concerns regarding passwords and how easily attackers can take advantage of poor password security. However, the physical security of mobile devices stands to be deceptively inconspicuous among the latest security concerns. Character-based passwords are commonly broken due to poor complexity or discovering re-used passwords from services such as haveibeenpwned.com. Mobile devices are a staple in our technological era and act as a gateway to all of our services with no authentication – just open an application and you have full control.
The security concerns with mobile devices stem from ease of access, many users become frustrated without a simplified lock screen which can be entered in under a second. One of the primary protection methods include a memorable pattern to access the device. Research found that the typical ‘pattern password’ contained 389,112 different combinations with a maximum length of 9 nodes. This research also determined that 77% out of 4,000 users started in one of the corners when entering a pattern password, significantly reducing the number of different combinations required when brute-forcing or guessing a mobile device pattern password.
Despite the reduction in predictability, residue from fingerprints are the dominating threat to device passcode exposure. Screen smudges can be visible for a significant amount of time, even after cleaning, with attackers capturing pictures of the device screen from a number of different angles to expose the passcode. This threat, coupled with the limited number of combinations, result in a severe security concern when using patterns for unlocking mobile devices.
Protecting your device from such passcode exposure can be prevented by using patterns that overlap multiple times and can be complex to decipher, biometrics, or a long password. Consider the risks of your mobile device security, especially when you are storing any business information.