Android Lock screen flawed

bypassing lock-screen by pasting long string into the password field

A lock-screen security flaw in Android 5.x Lollipop that lets users bypass the lock screen on a mobile device has been discovered. Entering a sufficiently long string into the password field on Android Lollipop can crash the device, this was discoverd by students at the University of Texas.

Unauthorised user gains access to the Android phone’s home screen and apps normally as if the entered string was the correct password for the device.

The flaw applies to handsets running most latest versions of Android 5.0 - 5.1.1 to gain complete control of the device and all the information and data contained on it.

How to avoid the flaw

Since the vulnerability works on password lock screens, it could not unlock lock patterns and Pin codes therefore if such means are implemented other than a password, they would be the safest means.

Related Posts
« Prev Post