Android Phones Can Be Unlocked By Super Long Passwords

A worrying bug has been found that can lock Android smartphone users out of their device simply by entering long passwords.

Researchers at the University of Texas discovered that typing in a ‘sufficiently large’ long password to try and unlock Android devices caused the lock screen to crash in certain conditions, allowing access to the device.

Google has now released a patch for Nexus devices, which was found to affect devices running all but the latest version of Android Lollipop, however other manufacturers will need to take the responsibility for rolling out the update themselves.

Locked out

The researchers found that the lock screen vulnerability could not be exploited if the user had set up a PIN code or lock pattern instead of a password.

After entering a lengthy password (pictured left) and crashing the lock screen, the researchers were able to access the phone’s data and apps, overcoming even encrypted file systems – meaning they could also install malicious apps.

“By manipulating a sufficiently large string in the password field when the camera app is active, an attacker is able to destabilize the lockscreen, causing it to crash to the home screen,” the researchers said.

The flaw is the second in a fortnight to affect the lock screen of Android devices.

Last week, security researchers at ESET discovered a new form of ransomware that locks out users by burrowing into a phone’s software. The Lockerpin malware alters a phone’s PIN lock function, stopping users from accessing their device unless they pay a ransom of $S500 ransom for allegedly viewing and harbouring forbidden pornographic material.

Are you a security pro? Try our quiz!

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

Recent Posts

Is the Digital Transformation of Businesses Complete?

Digital transformation is an ongoing journey, requiring continuous adaptation, strong leadership, and skilled talent to…

7 hours ago

Craig Wright Faces Contempt Claim Over Bitcoin Lawsuit

Australian computer scientist faces contempt-of-court claim after suing Jack Dorsey's Block and Bitcoin Core developers…

7 hours ago

OpenAI Adds ChatGPT Search Features

OpenAI's ChatGPT gets search features, putting it in direct competition with Microsoft and Google, amidst…

8 hours ago

Google Maps Steers Into Local Information With AI Chat

New Google Maps allows users to ask for detailed information on local spots, adds AI-summarised…

8 hours ago

Huawei Sees Sales Surge, But Profits Fall

US-sanctioned Huawei sees sales surge in first three quarters of 2024 on domestic smartphone popularity,…

9 hours ago

Apple Posts China Sales Decline, Ramping Pressure On AI Strategy

Apple posts slight decline in China sales for fourth quarter, as Tim Cook negotiates to…

9 hours ago