Help Questions about Samsung Moment / Android unlock screen

[AndroidSPCS]

Besides the 911 problem with the unlock screen, I have a few other questions about this:

1. How many attempts are you allowed to try to unlock the screen with the swipe?

2. What happens after (if) a limit # of attempts is reached?

3. Is there a way to use a more traditional password / passcode way to unlock?

I really hate the finger swipe, from what I have seen so far. Aside from the 911 accidental dial issue, it's not very easy to record the sequence of the swipe into keepass.

I also noticed that it's very easy to swipe and have the screen feedback tell me that the swipe is wrong. This makes it very easy for a brute swipe attack by simply swiping in random patterns until you hit the right pattern. I'd much rather have a passcode / password screen.

It's absolutely amazing that the stock Android system doesn't allow the traditional time tested password / passcode system, and is arrogant enough to only allow the swipe (an untested consumer technology) as the only option for security.

This is unforgivable and should be addressed in future updates IMHO.

 

[souljah335]

First off let me say that I completely agree with you and also say that I once failed to enter the correct swipe 4 times (got it right the 5th time).

 

[AndroidSPCS]

The developer that came up with the swipe idea should be given a cookie.

The developer(s) that decided this should be the sole security mechanism should be taken to a back room and severely beaten.

 

[souljah335]

The developer that came up with the swipe idea should be given a cookie.

The developer(s) that decided this should be the sole security mechanism should be taken to a back room and severely beaten.

Lmao

 

[AndroidSPCS]

Ok so the screen gives you 5 tries, and if you fail, it asks you to try again in 30 seconds.

After 30 seconds it gives you one more try. If you fail that, it will ask for the google account username / password.

That's better than nothing I suppose. Actually a decent design I think.

I have also come up with a scheme to store the swipe pattern in keepass:

Here's a sample swipe pattern password:

1XX
X2X
XX3

This is a diagonal swipe going from top left to bottom right. Mine is much more intricate than that but it basically visualizes the swipe pattern via characters.

EDIT: I actually like this security mechanism now that I know what it does and how it limits unlimited brute force attack.

 

[fowler]

Besides the 911 problem with the unlock screen, I have a few other questions about this:
....
I really hate the finger swipe, from what I have seen so far. Aside from the 911 accidental dial issue, it's not very easy to record the sequence of the swipe into keepass.
.....

Howdy I'm also an avid Keepass user! When convenience and security need a balance, I use my Keepass, integrated with MashedLife.com to enjoy life and safety, and stay organized no matter online and offline.

Mashed Life's Secure key also offers secure PC login. Quite a neat bonus!

Have fun

 

[AndroidSPCS]

Howdy I'm also an avid Keepass user! When convenience and security need a balance, I use my Keepass, integrated with MashedLife.com to enjoy life and safety, and stay organized no matter online and offline.

Mashed Life's Secure key also offers secure PC login. Quite a neat bonus!

Have fun

Interesting. Thanks for the info on Mashed Life. read a positive review on it.

That said, I don't trust anyone with my passwords except my local Keepass program. But Mashed Life could be good for random sites like online forums and such.

Thanks again.

 

[sthmck]

I am actually having an odd problem. My phone got locked and took me to the screen for entering your gmail account but when I enter everything correctly it always says invalid username or pass. I doubt anyone is actually going to give me useful advice do to security issues. Should I call samsung or sprint. Or does anyone have any ideas?