Android unlock patterns are among the most common authentication mechanisms on mobile devices. They are fast
and easy to use but also lack security as user-chosen gestures
are easy to guess and easy to observe. To improve the traditional
pattern approach, we propose Stop2Unlock, a usable but more
secure modification of the traditional pattern lock. Stop2Unlock
allows users to define nodes where they stop for a limited amount
of time before swiping to the next node. We performed a lab
study (n=40) and a field study (n=14) to show that this small
change in user interaction can have a significant impact on
security with a minimal impact on usability. That is, user-selected
Stop2Unlock patterns are significantly harder to guess while being
comparable in terms of usability. Additional analysis showed that
users perceived the stop component as a rhythmic and memorable
cue which supported the selection of higher entropy patterns.
History
Preferred Citation
Alexander Suchan, Zezschwitz von and Katharina Krombholz. Stop to Unlock - Improving the Security of Android Unlock Patterns. In: Usable Security and Privacy (NDSS Workshop) (USEC). 2019.
Primary Research Area
Empirical and Behavioral Security
Name of Conference
Usable Security and Privacy (NDSS Workshop) (USEC)
Legacy Posted Date
2019-02-26
Open Access Type
Unknown
BibTeX
@inproceedings{cispa_all_2806,
title = "Stop to Unlock - Improving the Security of Android Unlock Patterns",
author = "Suchan, Alexander and von Zezschwitz, Emanuel and Krombholz, Katharina",
booktitle="{Usable Security and Privacy (NDSS Workshop) (USEC)}",
year="2019",
}