Phone storage encryption - tips, things to avoid, or general advice? - One (M9) Q&A, Help & Troubleshooting

(Verizon HTC One M9, S-OFF, bootloader *** UNLOCKED ***, Software status: Official, TWRP recovery installed, Android version 5.0.2, HTC Sense version 7.0 Software number 1.33.605.15)
I'm anticipating a requirement in my near future to turn on "Phone storage encryption (Protect content on this phone with a password)" under Settings -> Security. When I did this under similar circumstances on my HTC One M7, it seemed to adversely affect the performance of the phone. I encountered a lot of random freezes at various points (after entering my unlock PIN, waking up the phone, switching apps, even occasionally during phone calls).
In fairness, I had a lot of stuff on internal storage on my old phone - pictures, audio, etc. - that I now store on my 32GB microSD card on the M9. Nonetheless, the prospect of encrypting my internal storage is intimidating, especially because it's apparently a one-way operation, and there's No Going Back if the phone performance starts to lag as the old phone's did.
Has anyone else experienced any similar troubles after turning on Phone storage encryption? Also, I'm not averse to moving off of the HTC stock ROM; I just haven't done it yet. Is there a particular ROM that seems to perform better -- or worse -- with encrypted internal storage?
Thanks.

Good question and I realy would like to join in.
Normaly Google says, since Android 5 Storage encryption should be standard and phones with native Android 5 should have hardware accelerated encryption. But there is no information thats says which phone have this hardware accelerated encryption.
And in addition most phones with native android 5 don't have standard encryption activated.
So is there anyone who tested the M9 with storage ecryption?
\Edit:
This article says AES comes with ARMv8 wich is used in Snapdragon 810 http://www.chip.de/news/Rueckzieher...sselung-in-Android-5.0-Lollipop_76997991.html

encryption disabled dial pad and texting
I have a sprint M9, twrp recovery, rooted, and flashed Viperone ROM.
Everything was working great.
Because of work email needs and the need for Microsoft Exchange, I had to encrypt the phone. So I did.
After encryption, I cannot make outbound calls. I receive calls. Just cannot dial them. Seems like the problem is with the dial pad. Lets me enter the number, but when I hit "call" it just goes away. I cannot type internal phone commands like ##1234## to get information. Just disappears.
Also, I cannot send or receive text messages.
I went into TWRP to revert back to my backup. And of course no backup is there. Everything is encrypted and unreadable by TWRP. I have read a lot on these boards and thank you. I cannot find much written on this subject.
Sprint reports everything is fine and working on their end.
So frustrated. Seems like an easy setting or fix. The dial pad is not reading something from an encrypted file?
Sorry for the ignorant language. I am very new at all this. Any ideas?

crk53 said:
I have a sprint M9, twrp recovery, rooted, and flashed Viperone ROM.
Everything was working great.
Because of work email needs and the need for Microsoft Exchange, I had to encrypt the phone. So I did.
After encryption, I cannot make outbound calls. I receive calls. Just cannot dial them. Seems like the problem is with the dial pad. Lets me enter the number, but when I hit "call" it just goes away. I cannot type internal phone commands like ##1234## to get information. Just disappears.
Also, I cannot send or receive text messages.
I went into TWRP to revert back to my backup. And of course no backup is there. Everything is encrypted and unreadable by TWRP. I have read a lot on these boards and thank you. I cannot find much written on this subject.
Sprint reports everything is fine and working on their end.
So frustrated. Seems like an easy setting or fix. The dial pad is not reading something from an encrypted file?
Sorry for the ignorant language. I am very new at all this. Any ideas?
Click to expand...
Click to collapse
Hi
I know this is late on this thread, but I was wondering if and or how you resolved your dilemma? I'm considering encrypting my HTC m9 on 6.0

DGL2033 said:
Hi
I know this is late on this thread, but I was wondering if and or how you resolved your dilemma? I'm considering encrypting my HTC m9 on 6.0
Click to expand...
Click to collapse
HTC uses proprietary (non-AOSP) encryption. As a result, TWRP won't be able to decrypt your phone if you have encrypted it on a stock or stock-based ROM.
In theory, TWRP can decrypt when encryption is performed with an AOSP ROM (CyanogenMod, CandySiX, et cetera). Unfortunately, encryption - though functional - doesn't behave as expected even on these ROMs. Your phone will indeed be encrypted successfully, but some ROMs (CyanogenMod) won't re-boot after encryption and other ROMs will boot (CandySiX) but still not be decrypted by TWRP.
TLDR: If you want encryption, go for it but know that you're locked into that choice.

computerslayer said:
HTC uses proprietary (non-AOSP) encryption. As a result, TWRP won't be able to decrypt your phone if you have encrypted it on a stock or stock-based ROM.
In theory, TWRP can decrypt when encryption is performed with an AOSP ROM (CyanogenMod, CandySiX, et cetera). Unfortunately, encryption - though functional - doesn't behave as expected even on these ROMs. Your phone will indeed be encrypted successfully, but some ROMs (CyanogenMod) won't re-boot after encryption and other ROMs will boot (CandySiX) but still not be decrypted by TWRP.
TLDR: If you want encryption, go for it but know that you're locked into that choice.
Click to expand...
Click to collapse
Hey, thanks for the quick, informative reply. I may just hold off for now, as I'm likely to root after warranty is up. But,FYI, From what I read in the HTC user guide, I could undo the HTC encryption with a factory reset, which I would probably do when they stop updating, and I move to CM or other ROM at that point. I appreciate the advice greatly, as it sounds like personal experience, or you're well informed on the subject, or both.

DGL2033 said:
Hey, thanks for the quick, informative reply. I may just hold off for now, as I'm likely to root after warranty is up. But,FYI, From what I read in the HTC user guide, I could undo the HTC encryption with a factory reset, which I would probably do when they stop updating, and I move to CM or other ROM at that point. I appreciate the advice greatly, as it sounds like personal experience, or you're well informed on the subject, or both.
Click to expand...
Click to collapse
My pleasure!
To confirm, yes you can absolutely remove encryption via factory reset.

On my U11 (Oreo 8.0/currently stuck on ViperU2.1 as nothing else seems to boot) I can't seem to decrypt my device (its lagging a bit due to encryption I believe.)
It won't allow me to decrypt in Settings, nor will it decrypt on a hard reset, nor allow me to change it after a hard reset. And reflashing Viper still has phone encrypted.
Any tips?

Related

Question on "Phone Encryption"

Hey guys, sorry if this has been answered somewhere else, but I just want to confirm my understanding about encryption.
I'm setting up MobileIron and TouchDown for my work email and paused when the IT policy asked me to encrypt my phone.
So, is doing encryption will make it impossible for us to flash rom, radio, any kind of flashing + impossible to do all other things in CWM - due to the partition is being locked and encrypted before the device boots up?
(I'm not good to explain it technically, hopefully you get what I mean).
Slower boot time? The only way to decrypt is to factory reset and wipe all data? Impossible to backup nandroid? etc etc...
Of course the device would be more secure from the company's security point of view, but is that it?
I'm pretty sure there's no other workaround if I want to setup my phone with work email, since of course the IT policy applies to all employees so I can't ask for an exception.
At the same time I don't want to lose my ability to flash just because of the work email, it defeats the purpose of me having Android (which is to tweak and mess with my phone).
I came from SGSII where the IT policy only enforces PIN/password/pattern requirement, or perhaps because SGSII doesn't have encryption capability.
Appreciate your comment and opinion guys.
Hopefully someone knows.
kisekio said:
Hey guys, sorry if this has been answered somewhere else, but I just want to confirm my understanding about encryption.
I'm setting up MobileIron and TouchDown for my work email and paused when the IT policy asked me to encrypt my phone.
So, is doing encryption will make it impossible for us to flash rom, radio, any kind of flashing + impossible to do all other things in CWM - due to the partition is being locked and encrypted before the device boots up?
(I'm not good to explain it technically, hopefully you get what I mean).
Slower boot time? The only way to decrypt is to factory reset and wipe all data? Impossible to backup nandroid? etc etc...
Of course the device would be more secure from the company's security point of view, but is that it?
I'm pretty sure there's no other workaround if I want to setup my phone with work email, since of course the IT policy applies to all employees so I can't ask for an exception.
At the same time I don't want to lose my ability to flash just because of the work email, it defeats the purpose of me having Android (which is to tweak and mess with my phone).
I came from SGSII where the IT policy only enforces PIN/password/pattern requirement, or perhaps because SGSII doesn't have encryption capability.
Appreciate your comment and opinion guys.
Click to expand...
Click to collapse
Once your device is encrypted you won't be able to flash roms because recovery can't see the SD when you try to flash a kernel or rom.
You can't remove the encryption through a factory reset if your device is rooted and running CWM recovery. It will fail and the phone just boots up as normal. The only way I was able to remove encryption was to ADB/Fastboot the stock images onto my Nexus.
Lastly, I noticed the phone being very slow to boot with encryption.
Until Google give the option to decrypt I won't go near encryption again. Hope this helps and answers some of your questions.
jd1001 said:
Once your device is encrypted you won't be able to flash roms because recovery can't see the SD when you try to flash a kernel or rom.
Click to expand...
Click to collapse
I assume any kind of flashing won't work with encryption, including rom, kernel, radio, circlesmod, and all other kinds of mods that require flashing from CWM.
Is that correct?
If that's the case looks like I'm not going to use my work email on my phone.
Yeah your assumptions are correct!
jd1001 said:
Once your device is encrypted you won't be able to flash roms because recovery can't see the SD when you try to flash a kernel or rom.
You can't remove the encryption through a factory reset if your device is rooted and running CWM recovery. It will fail and the phone just boots up as normal. The only way I was able to remove encryption was to ADB/Fastboot the stock images onto my Nexus.
Lastly, I noticed the phone being very slow to boot with encryption.
Until Google give the option to decrypt I won't go near encryption again. Hope this helps and answers some of your questions.
Click to expand...
Click to collapse
I'm in exactly the same situation, unfortunately found out that i can't decrypt it with factory reset after I'm already encrypted
Do you happen to know good tutorial for flashing via ADB/fastboot?
I flashed my CM10 4.1.1 using galaxy nexus toolkit
http://forum.xda-developers.com/showthread.php?t=1830108 You're welcome.

Phone storage encryption - tips/pitfalls requested

[Cross-posted from the generic HTC One M9 help, Q&A, and troubleshooting forum, where I received no replies. Thought that the VZW-specific group might shed some light, as y'all have been so nice and helpful to me so far ... 8^]
(Verizon HTC One M9, S-OFF, bootloader *** UNLOCKED ***, Software status: Official, TWRP recovery installed, Android version 5.0.2, HTC Sense version 7.0 Software number 1.33.605.15)
I'm anticipating a requirement in my near future to turn on "Phone storage encryption (Protect content on this phone with a password)" under Settings -> Security. When I did this under similar circumstances on my HTC One M7, it seemed to adversely affect the performance of the phone. I encountered a lot of random freezes at various points (after entering my unlock PIN, waking up the phone, switching apps, even occasionally during phone calls).
In fairness, I had a lot of stuff on internal storage on my old phone - pictures, audio, etc. - that I now store on my 32GB microSD card on the M9. Nonetheless, the prospect of encrypting my internal storage is intimidating, especially because it's apparently a one-way operation, and there's No Going Back if the phone performance starts to lag as the old phone's did.
Has anyone else experienced any similar troubles after turning on Phone storage encryption? Also, I'm not averse to moving off of the HTC stock ROM; I just haven't done it yet. Is there a particular ROM that seems to perform better -- or worse -- with encrypted internal storage?
Thanks.
GoHskrs said:
[(Verizon HTC One M9, S-OFF, bootloader *** UNLOCKED ***, Software status: Official, TWRP recovery installed, Android version 5.0.2, HTC Sense version 7.0 Software number 1.33.605.15)
I'm anticipating a requirement in my near future to turn on "Phone storage encryption (Protect content on this phone with a password)" under Settings -> Security. When I did this under similar circumstances on my HTC One M7, it seemed to adversely affect the performance of the phone. I encountered a lot of random freezes at various points (after entering my unlock PIN, waking up the phone, switching apps, even occasionally during phone calls).
In fairness, I had a lot of stuff on internal storage on my old phone - pictures, audio, etc. - that I now store on my 32GB microSD card on the M9. Nonetheless, the prospect of encrypting my internal storage is intimidating, especially because it's apparently a one-way operation, and there's No Going Back if the phone performance starts to lag as the old phone's did.
Has anyone else experienced any similar troubles after turning on Phone storage encryption? Also, I'm not averse to moving off of the HTC stock ROM; I just haven't done it yet. Is there a particular ROM that seems to perform better -- or worse -- with encrypted internal storage?
Thanks.
Click to expand...
Click to collapse
Hi GH, I can only comment on encryption as required by EAS (Exchange) policies at my office. Also, I'm stock-S-on, lacking Root. I don't seem to have issues with it on the M9. I also used EAS on my S-off rooted VZW M7. On that device, I could not achieve a successful encryption on any ROM other than a "Stock-Rooted" version. YMMV.
neutronjeff said:
Hi GH, I can only comment on encryption as required by EAS (Exchange) policies at my office. Also, I'm stock-S-on, lacking Root. I don't seem to have issues with it on the M9. I also used EAS on my S-off rooted VZW M7. On that device, I could not achieve a successful encryption on any ROM other than a "Stock-Rooted" version. YMMV.
Click to expand...
Click to collapse
NJ -
Thanks. That's good information. My requirement is similar, to support Exchange ActiveSync.
After taking backups of everything via TWRP, I just flashed AndyBones' Fluent ROM; we shall see if it allows me to encrypt internal storage.
neutronjeff said:
Hi GH, I can only comment on encryption as required by EAS (Exchange) policies at my office. Also, I'm stock-S-on, lacking Root. I don't seem to have issues with it on the M9. I also used EAS on my S-off rooted VZW M7. On that device, I could not achieve a successful encryption on any ROM other than a "Stock-Rooted" version. YMMV.
Click to expand...
Click to collapse
GoHskrs said:
NJ -
Thanks. That's good information. My requirement is similar, to support Exchange ActiveSync.
After taking backups of everything via TWRP, I just flashed AndyBones' Fluent ROM; we shall see if it allows me to encrypt internal storage.
Click to expand...
Click to collapse
For what it's worth, after flashing the ROM and the MOD pack, turning on "Phone storage encryption" succeeded with no apparent issues. Tomorrow, we'll see if the latest Exchange ActiveSync policies impose any other oddities on me ...
Did that ROM play well with EAS at work?
Sent from my HTC6535LVW using Tapatalk
neutronjeff said:
Did that ROM play well with EAS at work?
Sent from my HTC6535LVW using Tapatalk
Click to expand...
Click to collapse
Don't know yet. I haven't gotten the mobile device management software we use to successfully register itself.
Just to close the loop on this, if you choose to (or have to) enable "Phone storage encryption (Protect content on this phone with a password)", it should be the last major modification you make to your phone. Once I enabled Phone storage encryption, I could still boot into TWRP, which prompted me for a decryption password. However, even though I entered the same password I use on normal system boot, TWRP couldn't unlock my internal storage. I think I ran afoul of a warning on the XDA TWRP forum: NOTE: ONLY AOSP/GPE decryption is supported!! TWRP CANNOT (currently) decrypt HTC Sense ROMs!!
After encrypting, the phone will still work, but you will be unable to flash new ROM images, mount the internal storage partitions, etc. with TWRP. The only option that worked for me, as described over here, was to run an RUU recovery, reinstall TWRP, then flash the version of the custom ROM I wanted. The RUU will wipe your data (and the custom ROM author recommends wiping Dalvik Cache, Cache, Data, and System in TWRP prior to flashing), so make sure you have anything important backed up.
So, any luck with Exchange on that ROM?
Sent from my HTC6535LVW using Tapatalk
I've been trying to install the mobile device management software we use (Afaria), but it keeps cooking back with "enrollment failed". I think it does not approve of my rooted phone.
I'm going to flash back to stock 5.1 and re-encrypt to see if that makes a difference.

[Q][P] Using encryption on your tablet

Hello!
I'd really like to use encryption on my tablet on a custom ROM but am failing spectacularly. Neither on Schischu's Lollipop nor on Schischu's Marshmallow ROM my encryption attempts were successful.
As nobody answered to my posts at all, I am starting to wonder if encryption is used by anybody on our P605. So I'd like to setup this poll to get a rough overview about the use cases of people and understand if it's simply my fault or if this feature is not used and therefore not tested.
Of course, I'd be happy to read some comments below if somebody made it working on a custom ROM (like Schischu's) how this was achieved.
OlafLostViking said:
Hello!
I'd really like to use encryption on my tablet on a custom ROM but am failing spectacularly. Neither on Schischu's Lollipop nor on Schischu's Marshmallow ROM my encryption attempts were successful.
As nobody answered to my posts at all, I am starting to wonder if encryption is used by anybody on our P605. So I'd like to setup this poll to get a rough overview about the use cases of people and understand if it's simply my fault or if this feature is not used and therefore not tested.
Of course, I'd be happy to read some comments below if somebody made it working on a custom ROM (like Schischu's) how this was achieved.
Click to expand...
Click to collapse
Hi,
The fault does not lie with you. I havn't checked encryption on the note 10.1 2014 custom roms but I did check it out on the Note 4 forums. And all the custom roms that I've come across there don't support encryption, either because the dev's don't view it as important (because no one uses it) or because it's see as secondary compared to speed and battery life.
It's a pretty dangerous game to play without encryption, knowing that the lock screen is so easy by-passable. I was able to flash TWRP and root the note 4 without the device auto wiping user data. So e.g. flashing a custom rom onto the device in order to bypass the lockscreen, and therefore being able to access all the person's personal data and apps is pretty much childsplay for a person that's the least bit into tech.
Sad to hear that, but thank you very much for taking your time to post a reply! :good:
Vasishtha said:
It's a pretty dangerous game to play without encryption, knowing that the lock screen is so easy by-passable. I was able to flash TWRP and root the note 4 without the device auto wiping user data. So e.g. flashing a custom rom onto the device in order to bypass the lockscreen, and therefore being able to access all the person's personal data and apps is pretty much childsplay for a person that's the least bit into tech.
Click to expand...
Click to collapse
Indeed - a mobile device is lost or even stolen quite fast. And since we already use custom ROMs and TWRP it's trivial to just access the data via ADB. *sigh* Well, I'm even thinking about going back to a rooted stock ROM with firewall to increase the safety of my local data.... Let's just hope the custom ROMs will support it eventually.
OlafLostViking said:
Sad to hear that, but thank you very much for taking your time to post a reply! :good:
Indeed - a mobile device is lost or even stolen quite fast. And since we already use custom ROMs and TWRP it's trivial to just access the data via ADB. *sigh* Well, I'm even thinking about going back to a rooted stock ROM with firewall to increase the safety of my local data.... Let's just hope the custom ROMs will support it eventually.
Click to expand...
Click to collapse
What are you using a firewall for? Can you link me the firewall your using?
I use xprivacy in combination with a firewall(it's an old one and not available anymore on the app store).
There exists some apps that can wipe your phone automatically if you enter the wrong password to many times, I was using one but I can't find it anymore (locker).
-V
Sure! I am using AFWall+ which makes it easy to select the right processes thanks to the log. And it's not a proxy or so (iptables frontend), so it works on all processes and all connections (WiFi, Cell, Roamin, LAN, VPN).
The firewall in XPrivacy is much more finegrained, as it allows you to block certain IPs/Domains while AFWall+ is blocking the whole network access. So I'd say it depends on your needs and, to be honest, the time you want or can invest into setting up your tablet. I bought XPrivacy and am just downloading the profiles from the net as it takes too much time for me at the moment to find the settings on my own
I have upgraded to Android Lollipop + Root + TWRP.
I would use the full data encryption but it seems that you always have to enter a (long) password each time, when you start or unlocking (!) the Note 10.1 (2014 Edit.)
On my Huawei Mate 7 with Android 5, i can use a Passwort for the start and a pattern for unlocking. So, thats very good and fast, if i have to unlock the smartphone.
Only on my Samsung Note 10.1 there is no pattern methode for unlocking the tablet available.... (the same sh** as in Android 4.4)
While you can change the encryption password to be different from the unlock password (using the CLI), you can also use application like f.ex. Delayed Lock that modify the locking behaviour. I am not letting my phone lock when I am at home (WiFi, not that unuseable GPS/cell from the new Android ), for example. With those two approaches using a good encryption password is no hassle at all

File based encryption or Full Disk encryption

I flashed Nougat's factory image on my 5x a week ago. After playing for a while i noticed the encryption change option in 'Developer Options'.
Also, read that new devices will be coming with File based encryption since it allows direct boot mode.
Is there any performance difference if change the encryption to 'File based' ? I read few user reviews and they were saying that changing encryption to file based did improved little performance.
I'm also interested in this. So bump for a more knowledgeable member to comment.
I think this thread proved pretty conclusively that there is no real world performance benefit in decrypting.
I activated file encryption on my N5X, specifically to allow for direct boot. I had N with full disk encryption on my N5X for about 72 hours before switching. I see no performance difference -- it was smooth before, and it is smooth now.
rockhardy said:
I flashed Nougat's factory image on my 5x a week ago. After playing for a while i noticed the encryption change option in 'Developer Options'.
Also, read that new devices will be coming with File based encryption since it allows direct boot mode.
Is there any performance difference if change the encryption to 'File based' ? I read few user reviews and they were saying that changing encryption to file based did improved little performance.
Click to expand...
Click to collapse
I doubt there is noticeable performance difference.
The main benefit is if your phone reboots in your backpack, it'll boot to the lock screen instead of being stuck asking you for your pattern/pin/password and basically being a useless phone if you don't notice it rebooted.
If you don't have the phone configured to act that way, then it probably isn't of real benefit, currently. There may be additional benefits later on or perhaps with the workplace contexts.
sfhub said:
I doubt there is noticeable performance difference.
The main benefit is if your phone reboots in your backpack, it'll boot to the lock screen instead of being stuck asking you for your pattern/pin/password and basically being a useless phone if you don't notice it rebooted.
If you don't have the phone configured to act that way, then it probably isn't of real benefit, currently. There may be additional benefits later on or perhaps with the workplace contexts.
Click to expand...
Click to collapse
Thanks for your comment.
In that case i think i will be switching to File-based encryption to enjoy direct boot feature.
sfhub said:
I doubt there is noticeable performance difference.
The main benefit is if your phone reboots in your backpack, it'll boot to the lock screen instead of being stuck asking you for your pattern/pin/password and basically being a useless phone if you don't notice it rebooted.
If you don't have the phone configured to act that way, then it probably isn't of real benefit, currently. There may be additional benefits later on or perhaps with the workplace contexts.
Click to expand...
Click to collapse
Hey but can you tell me why the phone reboots in pocket ?
My phone also reboots in midnight when I set a fingerprint on it .
So will decryption solve this issue ?
Thanks in advanced
ABSathe said:
Hey but can you tell me why the phone reboots in pocket ?
My phone also reboots in midnight when I set a fingerprint on it .
So will decryption solve this issue ?
Thanks in advanced
Click to expand...
Click to collapse
My phone never reboots, but some people have set ups that do. It is usually some bug in Android that is triggered by some software you are running or there is some data corruption in your system.
First thing to try would be booting in "safe mode"
https://support.google.com/nexus/answer/2852139?hl=en
If the reboots stop, then it is some app you are running.
If that doesn't narrow it down, try factory reset, then install under new android account, install a couple of apps at a time, until you see reboot. If it reboots right away on fresh install on new account, then you might have hardware issue.
I seriously doubt decrypting your user partition will help with your reboots, but you are welcome to try. If it does help, it will probably be coincidence because you had to format user partition to decrypt your phone which is equivalent of factory reset.
sfhub said:
My phone never reboots, but some people have set ups that do. It is usually some bug in Android that is triggered by some software you are running or there is some data corruption in your system.
First thing to try would be booting in "safe mode"
https://support.google.com/nexus/answer/2852139?hl=en
If the reboots stop, then it is some app you are running.
If that doesn't narrow it down, try factory reset, then install under new android account, install a couple of apps at a time, until you see reboot. If it reboots right away on fresh install on new account, then you might have hardware issue.
I seriously doubt decrypting your user partition will help with your reboots, but you are welcome to try.
Click to expand...
Click to collapse
Actually this issue is there from the first day I started using my phone .. but booting in safe mode does not give any reboots so far and also fingerprint is working nicely too
So I guess I will try factory reset .. can I do it using the option already present in settings ? Or should I flash a factory image ?
Thanks
ABSathe said:
Actually this issue is there from the first day I started using my phone .. but booting in safe mode does not give any reboots so far and also fingerprint is working nicely too
So I guess I will try factory reset .. can I do it using the option already present in settings ? Or should I flash a factory image ?
Thanks
Click to expand...
Click to collapse
Before you do factory reset, I suggest you get rid of any pin/pattern/password you might have configured. This will disable the factory reset protection, just to be on safe side.
You can do it from android.
If you say this problem was there from beginning, then it probably migrated over from existing account restoration of apps. You might want to try installing onto a new google account to test that theory out. The install a couple of apps at a time while verifying everything remains stable.
Hi,
Do folks think that switching to File Based Encryption might help avoid this issue - a decryption failure on reboot with Factory Reset the only solution? My phone is 13 months old and now out of warranty and this has happened 5 times to date - once about 6 months ago, once about 3 months ago and then worryingly 3 times in the last month. Stock unmodified on 7.1.1
Hey, When will TWRP support this? I've been waiting for ages.....

Encrypted M9, Lineage updates

I had issues in the past with encrypting my M8, was using clockworkmod and Cyanogen, and could not process updates without fully wiping.
Ultimately I accepted this because I cannot live with having the phone not encrypted.
I now have a new M9, Running TWRP and Lineage 14.
All is working beautifully, no complaints, however I would like to encrypt the phone so I started doing research if this new setup would have issues.
Seems there is mixed advice on different device models having various issues with encrypted images and TWRP not being able to properly update automatically or manually.
Anyone have an M9, encrypted, TWRP and the latest Lineage.
If so known working versions of TWRP to use or avoid? Any required firmware levels, OS build dates, etc?
Just looking for yes, I am doing it and it works on x+y+x configuration, or No, this is going to end in misery.
Not instructions per se unless there are some specific points that lead to a definitive success / failure.
any advice appreciated.
Hi, I have super inactive on the forum for a very long and I signed in for the first time in a few years to answer this.
I also ran into an issue with encryption and lineage os. I found an answer online that I can confirm worked for me.
I am running the latest nightly (Nov 7) and have no issues with installing updates through the settings menu. I am not sure which time version of twrp I am on at the moment and I can't check right now.
I also have a himaul. As Markus said, the last CM13 was able to encrypt properly. That gives us a time-consuming workaround:
Do a fresh install of cm-13.0-20161218-NIGHTLY-himaul. (I got it from https://archive.org/download/cmarchive_nighlies )
Set a PIN and encrypt the phone normally through settings. (I did not try a password or pattern.)
twrp should be able to decrypt properly. Perform the default (i.e., rm -rf, non-formatting) wipe.
adb sideload lineage-14.1-20170516-nightly-himaul-signed
LOS will boot to the standard decryption prompt and should succeed with the PIN from step 2.
LOS will not have a screen lock enabled. I set the same PIN from step 2 and was able to decrypt with it on the next boot. I changed my PIN to another value and was able to decrypt with the new PIN on the next boot.
If you do not set a PIN in step 2, you will still get a PIN prompt in step 5, but there will be no correct answer and you'll have to start over.
This procedure gave me a himaul running the latest LOS nightly that believes it is properly encrypted. I uploaded a logcat from the CM13 encryption run that succeeded as encryption.cm13.log
Click to expand...
Click to collapse
Source https://jira.lineageos.org/plugins/servlet/mobile#issue/BUGBASH-457 (click to view older comments)
I was able to change the decryption pin (using "cryptfs" from the play store) to a password required upon boot and and I was able to set a pattern lock to unlock the screen.
Edit: To clarify, I ran into a boot loop issue upon trying to encrypt the phone with lineage installed. I can use the automatic updating without issues(so far)
Thank you very much for the input!
I am on the newest twrp-3.1.1-0-hima, and the latest nightly lineage (11/7) as well.
No play store, no google app anything, just a basic subset of productivity tools, and blazing fast performance.
Trying to decide if I want to chance this, this weekend, I will report back for posterity success/fail or at least if I chicken out.
This M9 is running amazingly smooth as is, I hate to toast it, but that's how we learn and the price we pay for not being charged by ATT to be their product
Thanks again for the input, and still would love to hear other's success/fail stories if theyhave them.
Well, to anyone that wants to go there, I can tell you that if you just tell the phone to encrypt, it will not complain, however when it is complete, you will never see the OS again....
Had to reload from scratch, and restore everything I backed up before hand. I did not have time to go back and try alternative ways or methods, maybe next weekend...
The solution I linked worked for me personally, its unfortunate that you couldn't get it to work. Did you do the correct type of wiping ? There is one that deletes the files but leave encryption in tact while the other type is formatting which removes encryption. Also did you give your phone some time to rebuild the dalvik/art cache after installing lineage os?

Categories

Resources