Android pattern unlock is the easiest authentication method to snoop
Security researchers at the University of Maryland and the US Naval Academy have published the results of a study on PIN vs. pattern smartphone security lock methods, within the bounds of working out which is easier for those around you to snoop. Biometric methods are obviously more secure in this regard — ignoring the legal requirement to unlock the phone in some countries if asked by Police — but there are lots of phones which can’t use biometric either because of their age, their price segment, or for legal reasons (Sony in the USA).
When comparing PIN or pattern unlock many people prefer pattern for ease of entry. However, when it comes to people watching you unlock your phone, they have been shown to be less secure. In the study, the researchers found that at five to six feet a six-spot pattern could be repeated by 64 percent of people who saw it once, and by 80 percent of individuals who saw it twice. In comparison, a six-digit PIN could only be repeated by 11 percent of people after one viewing, and 27 percent of individuals after two viewings.
Pattern unlock has other weaknesses too. The limited randomness of human-generated patterns often only provides entropy equivalent to a three-digit PIN, and in an earlier study, researchers could accurately reconstruct part of the pattern based on screen smudges.
If you would prefer to stick to pattern unlock, then your best option is to turn off the feedback trail in security settings, since this halves the number of people who could repeat it after seeing it once (35 percent). Also, it could be a good idea to use an online pattern generator to give a more secure pattern.