Monday, 17 January 2011

Android unlock pattern insecurity

Last year a group from the University of Pennsylvania analyzed the security of Android's gesture unlock with respect to screen residue ("smudges"). Their basic observation was that the fatty residue left behind by fingers stays visible for a long time and allows others to recover your unlock pattern just by looking at your mobile's touchscreen.

One easy solution to this issue would be to add random start and finish points to the unlock pattern. Users would have to begin at a (randomly selected and highlighted) start position in the grid and draw (any) connection leading up to their own pattern's starting position ("prefix"), draw their pattern, and then supplement it with (any) connection finishing at a (randomly selected and highlighted) finish position in the grid ("suffix").

Let me illustrate. The first image shows the "original" unlock pattern while the second image adds (rather trivial) "prefix" and "suffix" legs.

Picture 1: the "original" unlock pattern starts at (x=3,y=1), goes to (x=1,y=1) and finishes at (x=2,y=2).
Picture 2: the "new" unlock pattern starts at (x=3,y=2), goes to (x=3,y=1), continues to (x=1,y=1), over to (x=2,y=2) and finishes at (x=1,y=2).
Thus, the random start point in this example is (x=3,y=2) and the random finish point is (x=1,y=2). Obviously, most of the time randomly selected start and end points will make the effective unlock pattern a little more complex than in this example.

Keep in mind, though, that not only will the start and finish points be random: the user is entirely free to choose any path for either leg, as long as it ends up where it's supposed to. That should be enough to cause smudge mayhem and thus destroy any otherwise dominant smudges on the touchscreen.
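A sketch of how a lock screen could issue and check such a challenge, added here as an example and not code from the original post. The function names, and the rule that each dot is used at most once per drawing (as in stock Android's pattern lock), are assumptions.

```python
import secrets

# 3x3 grid, dots addressed as (x, y) like in the pictures above.
GRID = [(x, y) for y in (1, 2, 3) for x in (1, 2, 3)]


def pick_challenge(secret):
    """Pick random start and finish dots that the user can actually reach.

    Assumption: a dot may be used only once per drawing. The start may
    therefore touch the secret only at its first dot (empty prefix) and the
    finish only at its last dot (empty suffix); any other overlap would make
    the challenge impossible to solve.
    """
    if len(secret) < 2:
        raise ValueError("secret pattern needs at least two dots")
    start = secrets.choice([p for p in GRID if p not in secret[1:]])
    finish = secrets.choice(
        [p for p in GRID if p not in secret[:-1] and p != start]
    )
    return start, finish


def verify(drawn, secret, start, finish):
    """Accept a drawing of the form prefix + secret + suffix.

    The prefix must begin at the highlighted start dot, the suffix must end
    at the highlighted finish dot, and the secret must appear as one
    unbroken run in between. Both legs are otherwise free-form.
    """
    drawn, secret = list(drawn), list(secret)
    if not drawn or any(p not in GRID for p in drawn):
        return False
    if len(drawn) != len(set(drawn)):      # assumed rule: no dot used twice
        return False
    if drawn[0] != start or drawn[-1] != finish:
        return False
    n = len(secret)
    return any(drawn[i:i + n] == secret for i in range(len(drawn) - n + 1))


# Values from Picture 1 and Picture 2.
SECRET = [(3, 1), (1, 1), (2, 2)]
PICTURE_2 = [(3, 2), (3, 1), (1, 1), (2, 2), (1, 2)]
```

Because the challenge changes on every unlock, replaying an earlier drawing such as `PICTURE_2` fails unless the same start and finish dots happen to be selected again.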

Posted by Jürgen Pabel on 17 January 2011 at 22:07

 
