Click to Skip Ad
Closing in...

Huge Android lockscreen vulnerability lets you unlock password-protected Lollipop devices

Published Sep 16th, 2015 6:50AM EDT
Android 5.0 Lollipop Lockscreen Password Hack

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Just because your Android screen is protected by a password doesn’t mean is as safe as you thought it would be. In fact, if you chose a password instead of a PIN or pattern unlock to protect your Lollipop device, then anyone can get into your phone with a trivial hack that was just discovered and shared with the world.

DON’T MISS: iPhone 6s and iPad Pro must be very scary: Samsung is back with more anti-Apple propaganda

All Android devices that run any version of Lollipop from Android 5.0 to Android 5.1.1 (before build version LMY48M) are susceptible to the hack as long as the lockscreen protection condition is met, research from the University of Texas shows. The vulnerability was discovered in late June, with Google escalating severity from “Low” to “Moderate” by mid-July, after being privately informed on the issue.

The hack works like this: you enter a very long string of characters when prompted for the password, and the smartphone is simply left dumbfounded. The lockscreen crashes and the attacker gets access to the full contents of the phone.

Google released Lollipop version LMY48M to Nexus devices recently, and the new build patches this major security issue. Unfortunately, not all other Android devices that are already on Lollipop will be swiftly updated to the latest build.

However, there is a way to fix this yourself. Just replace your password with a PIN, pattern lock, or fingerprint unlock, and you should be fine.

A proof-of-concept video showing the hack in action, and the required steps to make it possible, follows below.

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.