To hack an Android phone, just type in a really long password

According to the blog post’s step-by-step instructions, users can replicate the bug by opening the camera app, pulling down the Notification draw (left) and entering a long string of random characters in to the password field that appears (right).

There’s an easy way to bypass the lockscreen in devices running Android 5.0 Lollipop – at least, those which have not yet received the latest security update. The huge amount of characters causes the lock screen of your device to crash and this enables hackers to obtain complete control over your device to steal your data.

The technique begins by adding a large number of characters in the emergency call window and then copying it on the Android clipboard.

Another swipe from the the top of the display exposes the Quick Settings menu. The lockscreen crashes and the attacker gets access to the full contents of the phone.

A security flaw in Android that lets people bypass the lock screen on a mobile device has been discovered by researchers at the University of Texas.

Wait maybe five minutes, and the phone goes straight to the unlocked home screen.

Android will then ask for a password before displaying this window, which is when the copied password should be pasted.

Google has released a patch for its Android operating system last week, which contained a fix for the bug CVE02015-3860.

However, it can take months or even years for updates to hit the majority of Android phones.

For those who are yet to receive the fix, the workaround is to use a pin or pattern based lock, which are not susceptible to this attack.

The researchers reported the flaw to the Android security team in June, which assigned it a “low severity” issue. That overloads the computer, which redirects you to the phone’s home screen. These types of security methods are not affected by the bug and hackers will have to find other ways to open your device.