SysPal: System-Guided Pattern Locks for Android
Title | SysPal: System-Guided Pattern Locks for Android |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Cho, G., Huh, J. H., Cho, J., Oh, S., Song, Y., Kim, H. |
Conference Name | 2017 IEEE Symposium on Security and Privacy (SP) |
Publisher | IEEE |
ISBN Number | 978-1-5090-5533-3 |
Keywords | Android pattern lock, Android screen lock patterns security, Androids, Human Behavior, Humanoid robots, Markov processes, Meters, mobile computing, password, Password selection policy, pattern locks, pubcrawl, resilience, Resiliency, Scalability, security, security of data, smart phones, SysPal policies, system-guided pattern locks, usability |
Abstract | To improve the security of user-chosen Android screen lock patterns, we propose a novel system-guided pattern lock scheme called "SysPal" that mandates the use of a small number of randomly selected points while selecting a pattern. Users are given the freedom to use those mandated points at any position. We conducted a large-scale online study with 1,717 participants to evaluate the security and usability of three SysPal policies, varying the number of mandatory points that must be used (upon selecting a pattern) from one to three. Our results suggest that the two SysPal policies that mandate the use of one and two points can help users select significantly more secure patterns compared to the current Android policy: 22.58% and 23.19% fewer patterns were cracked. Those two SysPal policies, however, did not show any statistically significant inferiority in pattern recall success rate (the percentage of participants who correctly recalled their pattern after 24 hours). In our lab study, we asked participants to install our screen unlock application on their own Android device, and observed their real-life phone unlock behaviors for a day. Again, our lab study did not show any statistically significant difference in memorability for those two SysPal policies compared to the current Android policy. |
URL | https://ieeexplore.ieee.org/document/7958586 |
DOI | 10.1109/SP.2017.61 |
Citation Key | cho_syspal:_2017 |
- pattern locks
- usability
- system-guided pattern locks
- SysPal policies
- smart phones
- security of data
- security
- Scalability
- Resiliency
- resilience
- pubcrawl
- Android pattern lock
- Password selection policy
- password
- mobile computing
- Meters
- Markov processes
- Humanoid robots
- Human behavior
- Androids
- Android screen lock patterns security