Well, it's not working as *I* expect it to, anyway.
Let's say the dots are arranged as:
123
456
789
I set my unlock pattern to 3-6-9-5-9-5-1.
I've found that I can unlock my phone with 3-6-9-5-1. Or 3-6-9-5-1-5-9-5-1. Or even 3-6-9-6-9-5-9-5-2.
This concerns me. I'd like to specify an unlock pattern and know that my device will only unlock with that particular pattern. How many other patterns will unlock my phone?
I did attempt to find an answer to this with Google, but unfortunately the search terms I could come up with were all rather generic and didn't yield quality hits.
NogginBoink said:
Well, it's not working as *I* expect it to, anyway.
Let's say the dots are arranged as:
123
456
789
I set my unlock pattern to 3-6-9-5-9-5-1.
I've found that I can unlock my phone with 3-6-9-5-1. Or 3-6-9-5-1-5-9-5-1. Or even 3-6-9-6-9-5-9-5-2.
This concerns me. I'd like to specify an unlock pattern and know that my device will only unlock with that particular pattern. How many other patterns will unlock my phone?
I did attempt to find an answer to this with Google, but unfortunately the search terms I could come up with were all rather generic and didn't yield quality hits.
Click to expand...
Click to collapse
You can only use each dot 1 time.
Related
I loaded ThrottleLock 0.3c onto my Mogul today (since s2U2 is way to buggy right now on it) and I really like the concept and idea.
But I found a flaw in the application, the application name and the developer's name is in the lower left corner of the application when the lock is engaged.
I'm not against giving the developer credit, it is a VERY good app, but this flaw seems to defeat the point of having a challenge lock on your phone.
Since anybody can find/steal my phone, know what application is locking it (since its on the lock app) & who made it, run a Google search, easily end up on this forum or emailing the developer, and pretend to be the legit owner of a phone who simply forgot how his/her lock pattern.
Then all the nice, helpful, and trusting people here would tell them how to reset the pattern using a usb connector and a computer.
Tenchi4U said:
I loaded ThrottleLock 0.3c onto my Mogul today (since s2U2 is way to buggy right now on it) and I really like the concept and idea.
But I found a flaw in the application, the application name and the developer's name is in the lower left corner of the application when the lock is engaged.
I'm not against giving the developer credit, it is a VERY good app, but this flaw seems to defeat the point of having a challenge lock on your phone.
Since anybody can find/steal my phone, know what application is locking it (since its on the lock app) & who made it, run a Google search, easily end up on this forum or emailing the developer, and pretend to be the legit owner of a phone who simply forgot how his/her lock pattern.
Then all the nice, helpful, and trusting people here would tell them how to reset the pattern using a usb connector and a computer.
Click to expand...
Click to collapse
I don't really think the concept is to keep people out of the phone. I think it is to keep the buttons from not getting pressed. I don't think its a smart idea to bank your protection on a series of dots, or "slide to unlock" where there might be a few people in my office baffled, by "slide to unlock" it just does not seem like it will keep people out.
I think the reasoning for branding the software is because there are a lot of bad people out there that are trying to sell our awesome devs software. They need to mark it, we have almost lost many programs because of this data theft.
"security trough obscurity" is a very bad method. Throttle lock should be safe even if you know the program and if not, hiding the program name isn't the right method to get it safer
I'd suggest using some other locking program if your worried about security. Like the default windows pin one. Correct me if i'm wrong but i don't think throttle lock was made to secure the device but more for a new, more interactive/user friendly way to have a keyguard.
dwizzy130
This wasn't worth making a new thread for.
Don't post any further comments in this thread.
Continue here.
double post
I don’t actually need help with this. Its just a cautionary tale about a bug in the unlock program.
So after reading threads over the years of people who managed to forget their device’s username or password and thinking to myself – how on earth can you be so stupid? Guess what I managed to do. Somehow I managed to set an unlock pattern that I had no idea what it was.
In theory this is fine, as if you enter the wrong pattern 5 times a button appears that allows you to unlock with your Google account. However please note that this DOES NOT WORK at all. I tried every conceivable way of entering my username and password (@googlemail.com @gmail.com username on its own) and nothing worked.
After searching I note that this is a problem with Andorid (it seems to have been noted on a lot of droid forums). I understand that Google are aware of the bug but haven’t yet fixed it.
In the end I managed to hit upon the code (pretty much by random).
Be careful!!
EDIT - Google bug report here http://code.google.com/p/android/issues/detail?id=4784
More info here http://androidforums.com/support-troubleshooting/17319-forgot-unlock-pattern.html
Maybe YOU had this problem, but I forgot the lock pattern I had set and it let me login just fine...took a couple of seconds.
Not sure what the use of capitals was for then…
Ok for clarification – yes *I* along with some others definately have this problem. Clearly it is a problem but I don’t know the pattern of people it affects and doesn’t (UK vs Non-UK? Googlemail.com vs Gmail.com?)
I raise it because it’d be prudent for people to check before they actually need to use it.
The Fingerprint Scanner SDK (originally posted at http://forum.xda-developers.com/showthread.php?t=1202577) for Android has been released by Authentec. Currently there is only one device(Motorola Atrix) with a fingerprint scanner, but if you release your application with support for the fingerprint scanner (once you get the hang of it it is really not hard to use at all) then users of phones with fingerprint scanners will most likely be happier with your application.
Google has stated that Google Wallet will use fingerprints to unlock the payment system, so clearly more capable devices are on the way (source: http://www.qrcodepress.com/google-unveils-safety-measure-for-their-upcoming-mobile-wallet/853399/). Including fingerprint scanner capability in your application will also future-proof it as AuthenTec will have the same framework in place in other phones that will use their fingerprint scanner (Authentec is a leader in biometric security systems for lots of devices).
MotoDEV Article Guide:
http://developer.motorola.com/docstools/library/writing-fingerprint-enabled-apps
Read and Download the (simple) SDK at their site:
http://developers.authentec.com/
Example of SDK Usage (pulled from the SDK)At the time of this writing, it is my understanding that before you release the application you need to have them review it to meet their security specifications... They don't want you using this fingerprint scanner library and making their work look bad. It's a fair deal to me. I'm not sure if this is how they want it though - maybe that is just for Advanced SDK or maybe I'm just wrong (taken from their site) It appears right now that there is a mismatch between the developers and the makers of the authentec site... apparently there is no requirement for using the fingerprint scanner, so develop away!
I have an Atrix and the fingerprint scanner is amazing, once you use it you will never go back to patterns or pins. As such this guide was written by a user of the Atrix - future devices might not use the exact methodology but it should be nearly identical.
I have the Advanced SDK but I have not used any of the advanced functions yet. After using the code (And getting it to finally work) I have found some things that are not documented or are documented incorrectly in the SDK docs and I have come here to post items that will save you great time. If you find others I hope to hear about them so I can add it to the list - I'll even credit you (maybe with a post number so you can score some thanks points!)
The swipe fingerprint screen won't show up - but I'm getting a result (mine was always 14)
AM2 (Authentec fingerprint framework - there are a lot of unsubscribed terms in the documentation so just go with me here) requires Internet Permission (perhaps to verify the key for the advanced SDK, it might not be done locally - without a key advanced SDK functions will not load). If you don't, all uses of the tsm.jar will not work. Not listed at all in documentation
AM2ClientLibraryLoaded() doesn't work with the code they provide!?
You must Instantiate Authentec.AM2ClientLibraryLoaded() - SDK Docs shows as static but it is not used in the example program they give.
It goes into verification but does not show anything and locks up the fingerprint sensor.
Do not change the 'screen' in the examples of sScreen... I thought that was the title of the window that would appear, but apparently those strings are built into it... it would work better as static fields passed as integers. For values look at the next answer.
What can I use for sScreen (viaGfxScreen(string))?
The documentation says nothing of this but these are different types of verification screens. There is fingerprint scanning only and then there is the unlock style one where you also get the PIN. I'm guessing a modifed version of this is how the lock screen works.
"lap-verify" is fingerprint and PIN
"get-app-secret" is fingerprint only - hit and miss right now... will update when I get it perfected
Why does it lock up?
Only 1 app at a time can access the fingerprint scanner. Motoblur seems to access it occasionally and I think that's why it died on the Atrix's Froyo 1.8.3. It seems mostly fixed but as you develop you will most likely lock it up as you debug. Having a wrong sScreen variable will kill your FP scanner. If it locks in your app you will lose the ability to unlock the device with the FP scanner.
Use DDMS to kill com.authentec.TrueSuiteMobile and the lock will work again. This might work on 1.8.3 but I'm not sure it works that way. If the application exits with the home button, it seems to also lock it up. I'm looking into a way to avoid this..
I can't register my application, it's failing with code 6 - (System Error)
I encountered this one myself when using my Api key for com.mgamerzproductions.gibbertalk - I changed it to com.mgamerzproductions.gibbertalk.testing and it no longer worked. They did tell me this in the email that it is only for one package - so make sure you choose wisely, or bribe the people giving out the API keys to give you another one. I wish it was more specific (API_KEY_NOT_AUTHENTIC or something)
I'm still having problems. What can I do?
You can use these tags for debugging in logcat:
AMJNI (AuthenTec Mobile - permissions - server)
TrueMobileSuite (some gfx log info - swipe fingerprint screen)
AndroidRuntime (will tell you crash related things, as debugging for errors will produce too much to read at once)
Any other things would be greatly appreciated for all of use Developers so speak up if you have something I don't have listed and I'll add it.
If you want to use the encrypted storage provided by the framework you'll need to apply for the Advanced SDK. You have to give them a description of your app, and it has to be security related (obviously that's the whole point of the fingerprint scanner and they don't want you to abuse it).
If you like the guide, and you are on MotoDev, I wouldn't mind a kudos in the contest http://community.developer.motorola...print-Enabled-Apps-quot-article-in/td-p/17206
RESERVED
Reserved for OP at a later date
Pictures of my use right now (more later)
Spoke to OP, moved to main Android development, as this would be of more interest to the development community in general, as I'm sure other phones will be using fingerprint scanning (and this sdk) in the near future.
Originally posted in the source thread:
heilpern said:
I tried to post in the linked thread, but as I'm a new XDA poster the system wouldn't allow me to.
The INTERNET permission is required, however there aren't any connections made off of the device. The system uses sockets internally and INET sockets are used rather than UNIX sockets.
> Why does it lock up?
> Only 1 app at a time can access the fingerprint scanner.
This should not cause the system to lock up; it should cause your app to delay briefly and either continue with your request or return to you with an error. If you can duplicate some other result reliably, please share details.
> If someone also can upload and create an eclipse project it would be must easier to import and view their source code they post. I tried but eventually gave up cause of so many problems.
The eclipse projects for these examples are very simple -- with the exception of the .project you have everything you need in the example directories. Worst case is you can create a new Android project and replace its manifest, sources and resources with those provided by the examples. Then point the build path at your tsm.jar and you'll be ready to go.
Click to expand...
Click to collapse
What I meant was that if an app is asking for the fingerprint reader (not the app entirely, but actively asking for the FP reader scan), and motorola does something in the background with the FP scanner (on atrix), it can lock it up. This was heavily apparent on Atrix 1.8.3 but in the new update it seems to have been mostly fixed.
Errors: If you bring up the window with anything but lap-verify or get-app-secret, the window will lock up (and i think fingerprint reader will lock up as well - if you return to the lockscreen you'll see it never finishes initializing it) I can attempt to reproduce this error but I want to finish some development I am doing now.
heilpern said:
com.authentec.TrueSuiteMobile drives the UI, directly or indirectly depending on exactly what's going on (indirectly in the case of the lock screen, for example). If this package is killed it will restart with the next fingerprint operation however it will disrupt any currently active verification attempt (causing the requesting app to receive an error -- probably the USER_CANCELED error).
Click to expand...
Click to collapse
I never really kill it except if it locks up. Haven't tested what it returns (perhaps null)
heilpern said:
Here's something you can do to experiment if you're using StoreCredential -- swipe one of your existing fingers (the index fingers) and you'll store data to that particular finger. Swipe a different finger (multiple times as prompted) and eventually (after three swipes if all goes well) you'll be asked which finger you just enrolled (and your credential will be stored to that finger). This new finger can be used for subsequent Store Credential requests (without the automatic training session) and to release data stored with Get Secret... but only the index fingers can be used to unlock the Atrix.
Click to expand...
Click to collapse
Yeah, in the original thread I had that image posted... It's in the framework but it never was used... I'm not sure if it was there for this purpose or was just cancelled at the end because it was incredibly confusing... I don't get why you would need all those credentials. It's not like your phone will get passed around that much. You swipe new fingers just like you would if you were registering a finger, then you choose the finger... but the accuracy of the 'pick a finger' one is pretty bad.
Would love to see a test apk where we can try this out...
Nothing available right now?
My application works with the FP scanner... its not done yet though.
These are the included APK's that are the code samples they use:
Download tsm-apk-pack.zip from Host-A
Will it support HTC Desire HD? It won't right?
The fingerprint scanner is a hardware device, just like a laptop fingerprint reader. Its not touchscreen, unfortunately.
Trolling from my ATRIX 4G on probably the crappiest main US carrier
Mgamerz said:
I can't register my application, it's failing with code 6 - (System Error)
I encountered this one myself when using my Api key for com.mgamerzproductions.gibbertalk - I changed it to com.mgamerzproductions.gibbertalk.testing and it no longer worked. They did tell me this in the email that it is only for one package - so make sure you choose wisely, or bribe the people giving out the API keys to give you another one. I wish it was more specific (API_KEY_NOT_AUTHENTIC or something)
Click to expand...
Click to collapse
I agree that a more telling error code would be a better option. Error 6 is eAM_STATUS_ACCESS_ERROR but that value can be returned for other problems as well.
Note that if a generic API key is needed, TSM-0E08085A-1210171A-001A7465-632E7473 can be used if you name your package com.authentec.tsmgetsecret. You cannot post that package to the Market however if you want a means of creating a test APK with a neutral package name that package/key combination will work.
Has AuthenTec claimed that package name on the market...?
they probably should or someone might take that package...
Mgamerz said:
Has AuthenTec claimed that package name on the market...?
they probably should or someone might take that package...
Click to expand...
Click to collapse
Yes, it's already claimed in an unpublished but uploaded entry.
Hi . question: is it possible to use fingerprint senzor as wake up function? My button is very very hard to push, this function would be great....
Is there a way to add more characters or change font SIZE for the personal message? I want mine to say more letters than they currently allow. I couldnt find any way to do it. Thanks in advance!
No, not going to happen, at least stock. maybe a dev can figure that out, I looked everywhere also.
Good luck.
I know there's no setting to change. This is a dev community, I was kimd of asking them. Thanks though.
Sorry to bump an old thread, But I was wondering if you found an answer to this? I am also looking to increase the character count. Seems very limited. I want a message that will inform potential thieves that may find my phone that their fingerprint has been captured and so has their face from front facing camera and has been uploaded to a server already and provide them with a contact number for return with a reward.
I mean if I picked up a phone and that was the first thing I read on a locked screen boy would I return it quick smart. I would return it anyway, as I know how valuable someones phone data can be to people.
I just want some of the less "legit" people around to follow the same protocol :angel: as I would...and what better way to do this than with a subtle message that is "more encouraging"
I am wondering if there is a way to view the history logs for the knock setting?? To better xplain what I'm in need of : After using the same code for weeks suddenly all my unlock attempts failed. So then my bf (who knew the code but was always forgetting it) takes hold of my device & unlocks it on first attempt.But yet the code he used was backwards to what I KNOW had always been!! I am POSITIVE the code had to have been changed but he swears I am wrong. Is there a way I can access and view the system logs to see if he changed it and isn't owning up to doing so????????????? Please help...I don't like feeling as if I have lost my mind.