SmartPhone Unlock Screens: Moving in the Wrong Direction

I recently purchased the Motorola Droid from Verizon, and am so far very happy with it.  Other than finding the physical keyboard a bit lacking from being extremely spoiled by the Sidekick’s physical keyboard to which no other physical keyboard could ever hope to live up to, I’ve really had no complaints with the device or the Android 2.0 operating system that runs on it.  I have however, noticed that touch-screen smart-phone unlock screens (not just the Droid’s) are getting progressively less secure.

The problem with smart-phones with touch screens is that they suffer from a similar attack that physical keypad entry systems do; there is a physical remnant that can indicate the digits used in the entry code.  Physical keypads can have their keys worn down over time, so that if a common code is used, it is eventually apparent which keys are more used than others.  Smart-phones with touch screens suffer from a less permanent version of this, being skin oil left on the screen in the form of fingerprints.

A colleague here at work has an iPhone.  His unlock screen uses a number pad, and you enter in a PIN number to unlock it.  As you touch the screen to enter the PIN, your fingers will leave fingerprints on the digits that are contained in the PIN.  Because the digit button locations are static, even with other use of the touch-screen, over time you end up with little clusters of fingerprints on the screen indicating the digits used, which drastically shorten the search time of a brute force attack on the PIN if the user isn’t diligent about wiping down the touch screen periodically.

A friend of mine also has an iPhone, however she uses a different screen locking app, which instead of digits just presents the user with a grid of buttons, and the key to unlocking is to press these buttons in a specific pattern.  This is slightly less secure than the PIN method, as there are no values to the buttons, only their location, which essentially requires that the locations pressed on the screen remain static.  The PIN method could be made more secure in a number of ways, however this method cannot.

The default screen locking method for the Droid is even less secure, as instead of pressing a pattern, it has the same grid of buttons as the last method I described, but has you draw a pattern across the screen linking the buttons in a sequence.  Where before you only divulged the digits contained in the PIN or sequence pattern via individual fingerprints, in this case you leave a nice long smear of skin oil across your screen, not only indicating the button locations used in the sequence, but their order.  At this point you really only have two options to try in your brute force, the sequence starting from one end of the smear or the other.  Guess how long it takes to get that one correct.

Needless to say, I tend to wipe my phone’s touch-screen quite frequently.  Why hasn’t anyone implemented a lock screen that uses a technique like this one?

Leave a Reply