Survey: Most people don’t lock their Android phones — but should

Half of Android users don’t bother to lock their phones, despite having the choice of using patterns, passwords, PINs, and even their faces to secure their devices. This contrasts starkly with a report from the Federal Communications Commission warning that up to 40 percent of robberies in major cities involve cell phones.

More precisely, over 52 percent of people who responded to the Google Consumer Survey I conducted of 1,500 Android users said they prefer to leave their phones unlocked. I conducted this survey using Google Consumer Surveys on Android via the Opinion Reward app.

While entering a PIN code is reported as annoying by the people who responded to my survey, Android does offer a safer and easier alternative called a lock pattern. It provides more possible combinations than a password — a 9-point unlock pattern has a 389,112 possible patterns. Compare that to only 10,000 combinations for a standard four-digit PIN code.

So not only are patterns faster, but they're also safer! And the FBI has said in court documents that they were unable to bypass the lock screen and access the contents of a Samsung phone.


That said, no security is perfect. Both lock patterns and PIN codes can be vulnerable to smudge attacks, as a 2010 Usenix paper illustrates. (See screenshot above.) So whether you use a PIN or a pattern you should change it from time to time. You might also want to go to your phone’s options screen and disable the display of the pattern so people can’t “shouldersurf” it.

About: Elie Bursztein
I lead Google's anti-abuse research and invent new ways to protect our users against cyber-criminal activities and Internet threats. I recently redesigned Google's CAPTCHA to make it easier, and made Chrome safer and faster by implementing better cryptography. I was born in Paris, France, wear berets, and now live with my wife in Mountain View, California.
Comments are loading
About me
Lead Google's anti-abuse research. Develop new ways to protect users and disrupt bad guys. Make Chrome safer and faster. Help keeping G+ and Gmail clean. Wear berets. Do magic tricks.