![\"Android](\"https:\/\/blogs.quickheal.com\/wp-content\/uploads\/2015\/09\/Android-Lollipop-Users-Vulnerable-to-\u2018Massive-Password-Hack\u2019-Attack1.jpg\")
<\/a><\/center>\nWhat is this security flaw?<\/span>
\nThis flaw allows anyone to bypass the lockscreen of an Android phone by using a massive password, and expose the home screen, thereby giving full access to the phone and its contents.<\/p>\n
How does the attack work?<\/span> Who all are vulnerable to this attack?<\/span> Note:<\/strong> Google has already released the security fix for this bug for its line of Nexus devices. As of now, this\u00a0 fix is yet to be released to other smartphone makers who will then push the update out to their respective customers.<\/p>\n What is the Temporary Fix? To conclude, this attack cannot be performed remotely, and requires physical access to the phone; in which case, a user who has had their phone lost\/stolen are at risk. Just so you know, Quick Heal Mobile Security<\/a> app lets you lock your lost\/stolen phone with the help of a simple SMS command. Doing this will ensure that your phone is not misused.<\/p>\n If you think this post is helpful, share<\/a> it with your friends, family members, and acquaintances. If you wish to receive such alerts and security tips directly to your inbox, then click here <\/a>to subscribe to our blog.<\/em><\/p>\n Source:<\/span> A group of researchers at Texas University in Austin, have discovered a security flaw in mobile phones running the Android Lollipop version. What is this security flaw? This flaw allows anyone to bypass the lockscreen of an Android phone by using a massive password, and expose the home screen, thereby giving full access to the […]<\/p>\n","protected":false},"author":6,"featured_media":80638,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-80634","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/80634"}],"collection":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/comments?post=80634"}],"version-history":[{"count":0,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/80634\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/media?parent=80634"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/categories?post=80634"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/tags?post=80634"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nThe attack works by opening the camera app first, pulling down the notification drawer from top of the screen, and tapping on the settings icon on the top-right corner. This will prompt the user for the password. Now, the user has to enter a massive password (an extremely long string of words; could be even ************************). This will overwhelm the lockscreen, causing the camera app to crash, exposing the home screen.<\/p>\n
\nAndroid Lollipop (5.0) users who use PASSWORD to protect their device could be vulnerable to this security bug. PIN or PATTERN locks are not affected. However, it isn’t clear whether all range of Android Lollipop devices are affected with this bug.<\/p>\n
\n<\/span>Users can change their lockscreen preference to PIN. They can also switch to PATTERN LOCK<\/a>, but we do not recommend this, as it’s not a reliable form of security.<\/p>\n
\nhttps:\/\/www.dailymail.co.uk<\/span>
\nhttps:\/\/www.theguardian.com<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"