Unlock Pattern Generator

Pattern Length:
Allow hard-to-enter patterns


Many have commented on how after entering the pattern your fingers leave a trail of smudges showing exactly what you just entered. These could potentially be used by a malicious person to hijack your phone. I've found that longer patterns are much less vulnerable to this, and also patterns that "double-back" on themselves are less susceptible. Apparently a group of researchers have already done a study on this peculiarity. You can find the original article here or on Adam Aviv's homepage.

The paper reveals that this is a serious problem, and that with enough sophistication the "smudge attack" can usually be done. However, it often takes more than a little guesswork to decode the pattern even if the smudges are present. I've noticed that practiced people can crack short gestures quickly but often cannot crack a longer complex one. In android 2.2 a numerical pin option is available as well. You might want to give that a shot, but I doubt it's invulnerable to these "smudge attacks". It's worth noting that none of these password systems are fool proof, and you probably shouldn't be keeping anything confidential on your Android phone in the first place.

What is this?

On Android phones the user can add an "unlock pattern" to protect their phone. It's much like a password that you enter to unlock the phone. Instead of entering numbers or letters you instead draw a pattern across nine little circles (pads, as I like to call them). Its advantage is that there are far more possibilities than a typical 4-digit pass code. It's also quick to enter these patterns.

"Hard-to-enter" patterns

It's possible, for example, to have a pattern that starts at the top left pad and immediately connects to the middle right pad. However this is difficult because if your finger slips even slightly you could hit one of the adjacent pads. Since a pad will not be hit if it's already been used this motion is not "hard-to-enter" if the top center or center center pad has already been used.

By default I do not include these patterns because I like patterns that I can enter. You can generate them above if you would like.

Other Considerations

Obviously, you should make your patterns as long as possible to increase the entropy and the number of possibilities. Also, I have discovered that the green trail left behind from entering the pattern is unusually bright and easy to see. On many occasions I have observed a pattern compromised because of this. This feature can be turned off entirely in the settings, which fixes this problem.

Are you stealing my patterns?

No. The pattern is generated randomly and no data is exchanged with your computer once the page is loaded. This makes it safe to use this website without worrying about other people somehow discovering the unlock pattern you saw. You can look at the source code yourself!


I'm a hungry grad student! Donations greatly appreciated!