PINs and unlock patterns remain by far the most common knowledge-based authentication methods on mobile devices. Biometric authentication methods such as fingerprints also rely on PINs and unlock patterns as fallback methods. In recent years, several attacks on knowledge-based mobile authentication have been presented, e.g., shoulder-surfing , smudge attacks  and thermal attacks . In this poster, we present the Petri dish attack, a novel attack to guess secrets based on bacterial growth. We conducted a series of lab experiments with 20 Petri dishes to evaluate the feasibility of this new attack and unfortunately were not able to successfully conduct the attack on off-the-shelf smartphones. However, we still believe that our results are valuable to the scientific community and provide a baseline to explore future crossdomain attack vectors and interdisciplinary approaches on smartphone security.