Touch Gesture-Based Authentication: A Security Analysis of Pattern Unlock

Ibrahim, Nasiru and Sellahewa, Harin (2017) Touch Gesture-Based Authentication: A Security Analysis of Pattern Unlock. In: IEEE International Conference on Identity, Security and Behavior Analysis 2017, 22nd - 24th February 2017, New Delhi, India.


Download (297kB) | Preview
Official URL:


Pattern Unlock is one in a family of graphical passwords used on smart mobile devices. They were proposed as an alternative to PIN and Password as a result of a study [2] that showed better human memorability of visuals words than textual. Researchers have made several attempts to analyse and quantify the security of Pattern Unlock. However, only a few studies have been done on the correlation of human characteristics and choice of patterns. In this paper, we investigated the Android Pattern Unlock authentication and presents a comprehensive analysis of user pattern characteristics and strength of patterns generated by users. We extended the analysis by looking in depth into gender and also different Android operated devices to get the lock-out and wait time, to lay the foundations of a practical security framework. Our results (125 participants) indicated how users weakly choose their patterns by simply embedding and reusing patterns that are alphabetic or numeric-like, and having a strength score less than 27bits of entropy. The results highlighted the need to make users more aware and conscious when choosing their authentication patterns.

Item Type: Conference or Workshop Item (Paper)
Uncontrolled Keywords: Pattern unlock; Smart mobile devices; Memory
Subjects: Q Science > QA Mathematics > QA76 Computer software
Divisions: School of Computing
Depositing User: Harin Sellahewa
Date Deposited: 05 May 2017 11:36
Last Modified: 29 Aug 2017 10:27

Actions (login required)

View Item View Item