Android Phones Can Be Unlocked By Super Long Passwords

A worrying bug has been found that can lock Android smartphone users out of their device simply by entering long passwords.

Researchers at the University of Texas discovered that typing in a ‘sufficiently large’ long password to try and unlock Android devices caused the lock screen to crash in certain conditions, allowing access to the device.

Google has now released a patch for Nexus devices, which was found to affect devices running all but the latest version of Android Lollipop, however other manufacturers will need to take the responsibility for rolling out the update themselves.

Locked out

The researchers found that the lock screen vulnerability could not be exploited if the user had set up a PIN code or lock pattern instead of a password.

After entering a lengthy password (pictured left) and crashing the lock screen, the researchers were able to access the phone’s data and apps, overcoming even encrypted file systems – meaning they could also install malicious apps.

“By manipulating a sufficiently large string in the password field when the camera app is active, an attacker is able to destabilize the lockscreen, causing it to crash to the home screen,” the researchers said.

The flaw is the second in a fortnight to affect the lock screen of Android devices.

Last week, security researchers at ESET discovered a new form of ransomware that locks out users by burrowing into a phone’s software. The Lockerpin malware alters a phone’s PIN lock function, stopping users from accessing their device unless they pay a ransom of $S500 ransom for allegedly viewing and harbouring forbidden pornographic material.

Are you a security pro? Try our quiz!

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

Recent Posts

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

25 mins ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

16 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

18 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

19 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

20 hours ago