Is there some way to get a lock screen whose PIN pad changes number layouts every time it's used? It seems like a very basic way to thwart smudge attacks and yet my (broken?) google-fu can't find any implementations.
I'm using 2.3 Gingerbread, would prefer solutions not involving rooting/flashing new ROMs if possible.
Answer
That is a very interesting question. I am not sure if this can be done, to scramble the keypad's number layout every-time on unlock to force you to slow down.
You've pointed out the weakness in the security - smudges on the touchscreen; the only thing that I can think of is this - wipe down the screen each time... now you may get funny looks from others, akin to taking off the glasses each time and wiping it cleanly to "see" again if you get my drift.
I would not be surprised if there's a soft keyboard layout that appears at random intervals but I suspect its never thought of as it would drive users batty especially when texting.
The lock-screen's pin mechanism is in-built and to override that mechanism requires going down the unofficial programming interface that does not have the approval from Google's Android development aspect. Almost bordering on using malware techniques to achieve it.
The other thing I can think of is to use a screen protector, in that way, the smudges will show on it but not on the actual touchscreen. Despite saying that, one could theoretically sprinkle a bit of powder on the screen and gently brush it away to see where the fingerprint is on but that's going OTT on the other hand, that is, if you watch too much NCIS... :)
My suggestion - in the case of pattern unlock, do not allow "Use Visible Pattern" or "Use tactile feedback" under Settings > Location & security settings, to minimize breach.
But however, your question is a worthy +1 from me from a security viewpoint.
Edit:
Just an afterthought after exchange on chat, it is quite possible in theory, to use a custom keyboard that is tied specifically to password input, the ones that shows an asterisk in place, and just randomize the keyboard layout with letters, numbers re-positioned at random intervals but that could have an adverse side effect, as in "darn it, now I have to be extra careful to, not to go too fast!" or "darn it, one thing to do - uninstall it as tis annoying!"
No comments:
Post a Comment