With Samsung devices, turning on device encryption force you to use 6 characters password (alphanumeric), which is troublesome if you use your phone often.
What I found out is that after I set such password, complete the device encryption and go back to the Lock Screen setting, I can change the password to 4 digits.
Going back to encryption setting, it said I can now encrypt the device, but must use 6 characters password. But isn't my phone already encrypted? AFAIK, there is no turning off encryption once it's done.
So at this point, is my phone encrypted or not?
lanwarrior said:
With Samsung devices, turning on device encryption force you to use 6 characters password (alphanumeric), which is troublesome if you use your phone often.
What I found out is that after I set such password, complete the device encryption and go back to the Lock Screen setting, I can change the password to 4 digits.
Going back to encryption setting, it said I can now encrypt the device, but must use 6 characters password. But isn't my phone already encrypted? AFAIK, there is no turning off encryption once it's done.
So at this point, is my phone encrypted or not?
Click to expand...
Click to collapse
The phone is encrypted but like you said you cannot permanently decrypt the phone once the process is completed.
DConrad2010 said:
The phone is encrypted but like you said you cannot permanently decrypt the phone once the process is completed.
Click to expand...
Click to collapse
Thanks for the info.
I am curious why initially the device requires alphanumeric passwords (which I created), but once encryption is done, I can go back to the "Lock Screen" and change it to just numeric password. I believe this will NOT remove encryption, but for confirmation, want to check if the encryption is still there.
lanwarrior said:
Thanks for the info.
I am curious why initially the device requires alphanumeric passwords (which I created), but once encryption is done, I can go back to the "Lock Screen" and change it to just numeric password. I believe this will NOT remove encryption, but for confirmation, want to check if the encryption is still there.
Click to expand...
Click to collapse
I had to un-encrypt my phone by unrooting via Oden. Once i Odened then you have to do a factory reset and you are un-encrypted for good.
Related
Hi,
i already thank you for all answers. There's a big problem with my device.
It's an OnePlus 3 with the MarshROM. Everything worked completely fine until i wanted to install SuperSU via recovery. It showed up that it needs a password. But i never did this password! It's none of my known passwords, so what should i do now?
Thanks for your answers and I apologize for my english.
did u make a nandroid backup, also is it asking for the pw in twrp or when trying to get into the OS
Yes, i can't enter TWRP and yes i did a nandroid backup
If you set up fingerprints, it also means you had to set up a backup PIN. Your partition is encrypted, so try the PIN to unlock
castironpuppet said:
If you set up fingerprints, it also means you had to set up a backup PIN. Your partition is encrypted, so try the PIN to unlock
Click to expand...
Click to collapse
Tried it, also doesn't work..
It happened me once, it asked for my password and not the fingerprints to unlock the screen. But my password didn't work. I rebooted the OP3 and as I activated the option to ask password at boot, it asked for a password before booting and my usual password worked (that same password that I tried before rebooting if I didn't made myself clear).
For flashing supersu, yes it ask a password and it's the password that you set up when you register your fingerprint. At first I used a pin code but I could not remember the pin because I only remember the position I input on the numerical keyboard and in twrp it use a full keyboard. So I changed for a password and it worked fine.
The device is encrypted so you need a password if you need to flash something.
If you can still boot your device, choose 1234 as a pin. If it's asking you for a password at boot, then you are screwed.
So no returning?
Le_Zouave said:
It happened me once, it asked for my password and not the fingerprints to unlock the screen. But my password didn't work. I rebooted the OP3 and as I activated the option to ask password at boot, it asked for a password before booting and my usual password worked (that same password that I tried before rebooting if I didn't made myself clear).
For flashing supersu, yes it ask a password and it's the password that you set up when you register your fingerprint. At first I used a pin code but I could not remember the pin because I only remember the position I input on the numerical keyboard and in twrp it use a full keyboard. So I changed for a password and it worked fine.
The device is encrypted so you need a password if you need to flash something.
If you can still boot your device, choose 1234 as a pin. If it's asking you for a password at boot, then you are screwed.
Click to expand...
Click to collapse
Exordos said:
So no returning?
Click to expand...
Click to collapse
Okay i did it. Going to make a tutorial
you mean chosing a password in the phone resolved your problem?
Hey guys -
Need some detective help. I did something to my 10, and I think I did something with the encryption, but I'm not sure how or what.
Follow me here, since I'm not sure what caused it, I'll start at the beginning, and see if anything raises a red flag..
Got phone from HTC, US unlocked version. Got it in.. heck, this past June, I think.
Unlocked bootloader. Got Sunshine, ran it, but never paid and never turned S-OFF.
Never set PIN or Fingerprint.
Installed Viper10 when it was out.
Went to do fingerprint. Got screen saying that for backup, needed to set PIN. Set PIN, then taught it some fingerprints.
Never had data issues, and as far as I know, never encrypted phone. TWRP, when run, did not need me to enter any password or key to access the phone. On bootup, would get PIN prompt, but AFTER Android loaded.
Never got any RUUs, never upgraded Viper10.
Installed CM13 today. Whohoo!
Install went fine, no issues. Restored apps from TiBu, deleted unused bloatware, including the built-in Android keyboard.
Set up other options, and finally got to enter in fingerprints.
It gives me the same screen I got on Viper. This time, though (and I have no idea why), I back out back to Security settings, and enter in PIN there.
Then train fingerprints!
Now, when I reboot system, or boot to TWRP, I get a prompt asking for password (TWRP) or PIN (Android). HOWEVER.. I can enter my pin in TWRP just fine. But not Android. Apparently, since it hasn't booted, Swype doesn't work, and I get no keyboard. Can't enter PIN in at all.
That is my mistake, however, as I removed the built-in Android keyboard. (Something I've done countless times before on other Android versions without issue..)
So I restore Nandroid backup of Viper10. I still get the PIN entry, and STILL have no keyboard.
I see reference in TWRP about PINs not working, so I delete that locksettings.db file (from memory, filename is likely wrong here..)
Phone boots up. Yay. No PIN prompt. Yay.
But now I do NOT have data - as in, it's acting like my phone is unencrypted now.
So, what I'd like to know is -
If NOW my phone is unencrypted, and I'm getting the 'No Data' issue, what was my phone doing BEFORE, when I didn't have to enter PIN, but was getting data?
How can I get BACK to not having to enter PIN and still get data? (In my case, will the instructions for unencrypted work? Or is my phone now 'special'?)
How did I set the PIN the first time on Viper10, and not have it encrypt my phone? I'd like to ultimately get back to THAT scenario - where the lockscreen asks for PIN, but nothing else does (TWRP, Bootup, etc).
Thanks guys!
-Mike
I may be pointing the obvious, but have you do a full wipe before restoring your nandroid? If so, did you try to clean flash your rom to see what happens?
Maybe by removing stock keyboard something got messed up and keeps the keyboard in your nandroid from properly installing.
Yup, I tried restoring the Nandroid several times, some with wiping, some without. Also, I always clean-flash my new ROMs (i.e. ones not restored from nandroid backup, installed new, like going from Viper10 -> CM13)
Going to try again today while at work, see what happens.
During setup in CM13, there should be option to require PIN at startup (It is usually checked by default). Uncheck it and your phone will remain encrypted without requiring a PIN to start.
jackebuehner said:
During setup in CM13, there should be option to require PIN at startup (It is usually checked by default). Uncheck it and your phone will remain encrypted without requiring a PIN to start.
Click to expand...
Click to collapse
Technically correct (encrypted) but effectively incorrect: encryption is moot if a password is not required to decrypt it. It would be like locking your door and leaving the key in it: it's locked but it's not secure.
You need a system keyboard to be able to enter PIN on bootup; hence, the pre-installed keyboard (Google on vanilla, TouchPal on htc) isn't really 'bloatware' as it's necessary. Google makes a good keyboard; TouchPal, though, yeah, necessary bloatware in this case.
Rolo42 said:
Technically correct (encrypted) but effectively incorrect: encryption is moot if a password is not required to decrypt it. It would be like locking your door and leaving the key in it: it's locked but it's not secure.
Click to expand...
Click to collapse
Ah, so in previous ROMs (both OEM and Viper10, it technically WAS encrypted, I just never set the password? .. Huh.
Rolo42 said:
You need a system keyboard to be able to enter PIN on bootup; hence, the pre-installed keyboard (Google on vanilla, TouchPal on htc) isn't really 'bloatware' as it's necessary. Google makes a good keyboard; TouchPal, though, yeah, necessary bloatware in this case.
Click to expand...
Click to collapse
Interesting, thanks for this; good to know. A shame, but good to know that's just how it is.
coyttl said:
Ah, so in previous ROMs (both OEM and Viper10, it technically WAS encrypted, I just never set the password? .. Huh.
Interesting, thanks for this; good to know. A shame, but good to know that's just how it is.
Click to expand...
Click to collapse
Correct. The password is to get at the encryption key; it isn't the encryption key itself.
Bitlocker/SED works the same way. Otherwise, a password change would mean re-encrypting everything.
If you put in the wrong password, it'll look like you have no data.
Hey guys,
I have always had my op3 encrypted and I've become used to always entering the pin when booting up, accessing twrp etc. but today when I rebooted into twrp I didn't have to enter any pin to use twrp. When booting up the system I didn't have to enter a pin either.
When I check the settings under Security & Fingerprint it looks as in the attached screenshot, I don't have any options to decrypt or anything either
I'm running OOS 4.1.3, FrancoKernel #23 , Magisk 12, twrp-3.1.0-x_blu_spark_v27.
Is this something that anyone has experienced and know how to fix?
I want to keep my encryption but then, of course, you should have to use the pin.
Cheers!
Then the pin is defaulted and thus you don't need any. I don't need one, too and never did, but all is encrypted (Even locked down with a pin on bootup and fingerprint otherwise)
I believe this is an option you need to setup during the wizard when you initially set up the device. It asks you whether you want to require a pin on startup or not.
But, you can also turn this on by going to settings>security>screen lock.
From there, you click on the area where it says PIN. Confirm your pin, then click PIN again, and there should be an option to require pin for startup. Other than that, you are still encrypted, but it is all bypassed in order for quicker startup.
Sent from my ONEPLUS 3 using Tapatalk
noobtoob said:
I believe this is an option you need to setup during the wizard when you initially set up the device. It asks you whether you want to require a pin on startup or not.
But, you can also turn this on by going to settings>security>screen lock.
From there, you click on the area where it says PIN. Confirm your pin, then click PIN again, and there should be an option to require pin for startup. Other than that, you are still encrypted, but it is all bypassed in order for quicker startup.
Sent from my ONEPLUS 3 using Tapatalk
Click to expand...
Click to collapse
Ah that was it! it had somehow disabled itself, simply going in and enabling "require pin to start device" solved it.
Thanks!
Try removing the lock screen password and setting it up again and it will be back again in twrp.?
Hello,
I accidentally replaced my encryption password with the default encryption. Does anyone know if I can set my own one again?
I tried out "Macrodroid" with the goal to automatically enable and disable airplane mode and while trying out different things (bound to fingerprint gestures) it asked me for accessibility access which I allowed but then it (the accessibility settings page) asked for my password and said it was needed since accessibility is also related to encryption state or so. But I didn't enter my password and clicked on cancel, I don't know the app that well so I didn't want to give it access over my encryption.
My theory is now that it replaced my encryption password with the default one then because it didn't ask me again for my encryption password when I de- and reactivated accessibility.
I uninstalled the app then and use "Auto Airplane mode" now. I checked with "Sd-maid" for any leftovers and then rebooted and it didn't ask me for my password, I just straight booted into system. (Device is still encrypted but with standard password.)
Booted into twrp and it was able to surpass encryption, went straight to main twrp menu.
Is there any option to manually set the encryption password?
I think if I flash "disable-force-encrypt" again (like I did while installing my phone) I would have to format data, too in order to remove encryption and re-set it in system settings, or not?
My last option before totally reinstalling the ROM would be to restore a nandroid backup from after I installed it the first time.
Greetings,
7080
How does it affect device encryption by enabling or disabling the 'Encrypt using lock screen password' option (in privacy settings)? What is opposite? What password is used for encryption if this turned off?
If this is enabled, then a password is required before running the android.
But when this option was not turned on, the menu showed "encrypted" anyway and the Terminal (termux), after entering 'getprop ro.crypto.state' and 'getprop ro.crypto.type' I received the message 'encrypted' and 'block'. So, the device was encrypt anyway (at least in theory).
The question is what changes the inclusion of this option and is it really worth?
wholegrain said:
... The question is what changes the inclusion of this option and is it really worth?
Click to expand...
Click to collapse
The result will be that Android (and TWRP) will not start until you enter the lockscreen password. If you don't reboot your phone very often, then you may be able to live with the hassle (bootup will be much slower). And you'd better not forget the lockscreen password. But if the bootloader is unlocked, and/or TWRP is installed, nothing stops anyone from formatting the data partition and using the phone for their own purposes.
Does it give you any extra protection over standard encryption + fingerprint or lockscreen password? If your bootloader is locked, then maybe. Is it worth it? That is a matter of opinion - but I personally wouldn't bother with it. The greatest security risk lies in unlocking the bootloader. Once you unlock it, the phone itself is easy to commandeer, even if your data is safe because of encryption.
DarthJabba9 said:
But if the bootloader is unlocked, and/or TWRP is installed, nothing stops anyone from formatting the data partition and using the phone for their own purposes.
Click to expand...
Click to collapse
You mean 'using for their own purposes' with my data or after wiped? Anyway, I enabled this additional authentication. I don't have unlocked bootloader or TWRP. If the phone is turned off, then stranger can wipe (by holding power + volume up) and use it as its own.
I'm interested in what the difference in access to my data by a stranger is when the option is enabled or disabled. When enabled - I understand that when the bootloader is locked and there is no TWRP, the stranger can't access the device's data. When disabled - data supposedly encrypted, but is not the "default" password recoverable too easily?
wholegrain said:
You mean 'using for their own purposes' with my data or after wiped?....
Click to expand...
Click to collapse
Your data cannot exist after the data partition has been formatted. If your bootloader is locked, then you don't need to worry too much - just don't forget your lockscreen password.
As for standard encryption with default password, this enables TWRP to access the encrypted storage without asking for a password. This is what a lot of people expect (and demand). Some people who are very concerned about data security often prefer to have to enter a password, even to start TWRP. It is all down to individual taste.