Riddle screen locker

[Habiba Ben Othman]

Hi everyone,
I'm looking for an app that shows a riddle that changes every time the screen is locked. The user can't access the phone unless the riddle is solved.
Is there such an app ?

 

[Member 1919122]

No

 

[dontpanicbobby]

Sounds like a great app but what if you don't know the answer; can you not use your phone? Security wise I can't see it working. Anybody that knows the answer could unlock and use your phone.

 

[Habiba Ben Othman]

Sounds like a great app but what if you don't know the answer; can you not use your phone? Security wise I can't see it working. Anybody that knows the answer could unlock and use your phone.

You're right, unless this locker only appears after the default phone locker (Password, fingerprint, etc.).
The riddles can be customized for example by subject..

 

[dontpanicbobby]

Sounds like 2-step verification. Google is already doing that.

 

[Habiba Ben Othman]

Yes indeed, but I think there's no such app for locking the entire phone, not just Gmail or other single apps. am I right?

 

[svim]

Interesting concept but I can't imagine there are a lot of people who want to make their phone intentionally difficult to gain access to. A lock screen that you may or may not be able unlock?

 

[dontpanicbobby]

No your're not.
The riddle thing is very good with the options you offered.
Unless you can "project here what you mean?".
Show me what you're talking about. Just a bit sketch. I cannot see it.

 

[Xyro]

Sounds like 2-step verification. Google is already doing that.

Two step methods work because, once enabled, you need to access a physical object or location to log in. That ought to be trivial for the owner of the account, but near-impossible for someone else to achieve remotely.

Just adding another step to logging in, especially one that anyone could figure out, wouldn't make the phone much more secure.

 

[Daniel Fernandes]

I would love to use such an app..
It's useful for phone addicts who want to spend less time with their phones but can't ;-)

 

[dontpanicbobby]

I could use that too.

 

[Hadron]

Even coming after the normal lockscreen it isn't providing any additional security: once you've got past the lockscreen anyone who can work out the riddle has access.

Now if the purpose is to stop you checking your phone too often by slowing the process of unlocking up, then I can see it .

 

[Habiba Ben Othman]

Suppose the riddles are already known by the owner of the phone, like a secret question (favorite book, first address, name of your first pet), or related to one of his/her areas of expertise (math problems, questions about his/her favorite book, questions in another language, etc.).
All these questions and riddles can be pre-configured (topic, type of questions, language, etc.), or even made by the phone owner, so they won't be much of a surprise for him/her, but for another person, yes.
This mode can be activated or deactivated (like maximum security mode).
What do you guys think?

 

[dontpanicbobby]

It's been done and works well @Habiba Ben Othman. Mostly on websites though not phones. If it does come to phones it would be the 3rd step I guess.

 

[Daniel Fernandes]

It's been done and works well @Habiba Ben Othman. Mostly on websites though not phones. If it does come to phones it would be the 3rd step I guess.

So what's the second step at present?

 

[dontpanicbobby]

A code sent to your email assuming you have access to email without your phone. It's for people who work with computers. Office workers of some type I'd assume. Even the people not working in offices probably have some type of device with them that can receive emails.

 

[Xyro]

So what's the second step at present?

A code sent to your email assuming you have access to email without your phone. It's for people who work with computers. Office workers of some type I'd assume. Even the people not working in offices probably have some type of device with them that can receive emails.

I know we're talking about it in the context of securing android phones, but the point of two factor authentication (2FA) is not to secure your phone. Instead, it aims to make your email account (or any online account) more secure, by making password-theft useless. Anyone and everyone would stand to benefit from using it.

If you enable 2FA, it kicks in every time you log into your google account. You'll not only need to provide your password, but also a code from a trusted source. Trusted sources can be android phones you're already logged into, emails sent to your email account, or messages sent to your mobile or landline telephone numbers. The logic here is that it is trivial for you to access these things, but near-impossible for someone across the world who stole your password to do the same.

To get back to the topic at hand, turning 2FA on does not add any extra security steps when using your phone day-to-day. You still only use a normal PIN/fingerprint/swipe-pattern, and that's it. The only time you would encounter it is when adding your google account to a new android phone.

 

[dontpanicbobby]

The riddle thing has potential.

 

[Hadron]

Secret questions can work, as that's personal information. Just make it obscure enough that very few people are likely to know it (and make sure you've not posted the answers on Facebook ).

Riddles related to someone's "specialist" knowledge are not secure. To use your examples, I've taught maths at university level, have a working knowledge of a couple of languages other than English, and who knows whether your favourite book is one I'm familiar with or not? But that's not the real problem: the person trying to crack it has a search engine and online translator in their pocket. Make the questions really obscure, give a short time to answer, and a long list so they don't repeat often and you will delay someone, maybe for long enough, but I'd not call anything based on public information secure.

 

[Habiba Ben Othman]

Thank you guys, now if I had to develop such a screen locker, would it be a normal app (thus can be developed as a cross platform app) or an embedded app?