I factory wiped my phone under Marshmallow, and then updated it to Nougat with the OTA update, but when I boot up, I discovered that I am only proposed to add fingerprints to the phone. I am not offered to add a password for encryption. In the settings menu, adding a password does not appear anywhere. And it says the phone is already encrypted.
I don't understand what is going on. How can I encrypt the phone using a password?
fnoingw said:
I factory wiped my phone under Marshmallow, and then updated it to Nougat with the OTA update, but when I boot up, I discovered that I am only proposed to add fingerprints to the phone. I am not offered to add a password for encryption. In the settings menu, adding a password does not appear anywhere. And it says the phone is already encrypted.
I don't understand what is going on. How can I encrypt the phone using a password?
Click to expand...
Click to collapse
You don't see an option above fingerprint under security in settings (swipe)? Click it.
Related
Regardless of device encryption and fingerprint scanners and the like, couldn't someone just get your phone, boot into recovery, and factory reset it? Wouldn't that undo any security you had on device?
Yes but the actual files have been encrypted. So while they can start the device fresh and use file recovery tools to "get" the old files, they are useless.
And they would be useless to everyone after that, even you? I guess that would be pretty good. So you encrypt to protect your user data, and you fingerprint lock to make sure nobody can ever decrypt, even if they factory reset thru recovery, which will get past your fingerprint scanner but not previous encryption. That right?
Actually since lollipop you must log out of your Google account before a reset. If you just factory reset you well still have access to the device to track it out wipe your account from it.
I could be wrong here, but if you have stock recovery, a factory wipe can only be started in the phone's settings menu. If you have twrp installed, a wipe can be started with out being in the phone, but you need a password to start it.
If you do wipe the phone, it is still useless as you need the persons gmail username and password to complete the setup, so the phone is useless to all other users bar the user of the phone.
I think you can factory reset from stock recovery.
So I don't get it. I thought user data was encrypted from phone, i.e., the internal storage. If I factory reset, I don't need a Google account to start the phone up. So then couldn't I access the internal storage data with a file explorer?
You have to authorize the phone to sync with your computer so you can not get on that way either. If you do not authorize you can not push adb or anything else.
As km8j said, yes, you can factory reset the phone, but you won't be able to recover any of the encrypted data. That's why before you get rid of an old phone you should encrypt (if it wasn't) and wipe it.
jackdubl said:
I think you can factory reset from stock recovery.
So I don't get it. I thought user data was encrypted from phone, i.e., the internal storage. If I factory reset, I don't need a Google account to start the phone up. So then couldn't I access the internal storage data with a file explorer?
Click to expand...
Click to collapse
Thats not quite right. If you factory reset your phone, you do need a google account to complete the initial setup wizard. The only exception is if the user releases it from his or her's google account so it can be sold on.
But yes to complete the instillation it will ask for a google account that has been authorised and wont continue until it gets it. This happens automaticly the first time you sign in to play store.
Also factory reset will fully wipe the phone, brand new out of the box. It also wipes the users data, so if you were able to get on the phone, there would be no data to access. I really do like the way google have thought about it. Also I never keep anything on the phone that I would consider critical.
A lot of inaccurate information here. You have been able to skip that Google account setup on all android phones for the past few years. Also in basically any file system, when joy delete a file, even formatting, the content is not deleted. So while the information is not there at face value when you wipe the phone it can easily be recovered without encryption.
Sent from my Nexus 5X using Tapatalk
Yeah, that keeps confusing me. I have activated so many phones without inputting a Google account. It says "skip" right there on the screen!
Didn't Google introduce the security features with the Nexus 6 and 5.0? It locks the phone to your google account even after a factory reset but requires compatible hardware.
I haven't seen it mentioned with this year's devices but when setting up a pin on the 5x I believe it asked if I wanted to enable that feature.
Sent from my Nexus 5X using Tapatalk
jackdubl said:
Regardless of device encryption and fingerprint scanners and the like, couldn't someone just get your phone, boot into recovery, and factory reset it? Wouldn't that undo any security you had on device?
Click to expand...
Click to collapse
No. If your data is encrypted, no one can access it without your decryption key. As for access to the device, if you had set up a Google account on the device, and had a lockscreen password/pin/pattern/etc., then no one else can use the device other than you unless you remove your Google account and lockscreen password before you factory reset. This was a new feature introduced with devices that sold with 5.0+
Panzerapple said:
Actually since lollipop you must log out of your Google account before a reset. If you just factory reset you well still have access to the device to track it out wipe your account from it.
Click to expand...
Click to collapse
Yes!
Stephen said:
I could be wrong here, but if you have stock recovery, a factory wipe can only be started in the phone's settings menu.
Click to expand...
Click to collapse
With the stock recovery, you can reset either from within Android or from within the stock recovery.
jackdubl said:
So I don't get it. I thought user data was encrypted from phone, i.e., the internal storage. If I factory reset, I don't need a Google account to start the phone up. So then couldn't I access the internal storage data with a file explorer?
Click to expand...
Click to collapse
Prior to devices shipped with 5.0+, this was true. No longer.
km8j said:
A lot of inaccurate information here. You have been able to skip that Google account setup on all android phones for the past few years. Also in basically any file system, when joy delete a file, even formatting, the content is not deleted. So while the information is not there at face value when you wipe the phone it can easily be recovered without encryption
Click to expand...
Click to collapse
Yes, you can skip Google account setup. However, IF you do set up a Google account and a lockscreen password, THEN you cannot skip the Google account setup on that device after a factory reset (if you hadn't already removed the account prior to the reset).
bblzd said:
Didn't Google introduce the security features with the Nexus 6 and 5.0? It locks the phone to your google account even after a factory reset but requires compatible hardware.
I haven't seen it mentioned with this year's devices but when setting up a pin on the 5x I believe it asked if I wanted to enable that feature.
Click to expand...
Click to collapse
+1.
With kudos to @Captain_Throwback and company, I was able to install the latest OTA (January security update) for the M9 despite being rooted (systemless, phh/Magisk) and having TWRP 3.0.3-0 installed - just tapped 'install' when prompted and off we went (yes, I'll have to re-install TWRP, but still, wow).
My phone is encrypted and during the update I noticed that I was not prompted to decrypt it. Instead, I saw the message "Device decrypted with default password" come up. This is new to me, and a little disconcerting - but perhaps this is normal for this kind of update process? I'm unfamiliar with Linux in general and the command-line side of Android in particular, but if someone could tell me a bit about this, I'd appreciate it - is this normal behavior? And if so, how is it not a security risk (ie, a backdoor around my password/encryption)?
Thanks,
Computerslayer
That just means you don't have a password set up "on boot" in Android, which means it's encrypted with the default password, which is simply "default_password". So TWRP applies that and is able to decrypt your device automatically. If you want to be prompted to enter a password in TWRP, add a password "on boot" in Android.
Captain_Throwback said:
That just means you don't have a password set up "on boot" in Android, which means it's encrypted with the default password, which is simply "default_password". So TWRP applies that and is able to decrypt your device automatically. If you want to be prompted to enter a password in TWRP, add a password "on boot" in Android.
Click to expand...
Click to collapse
Ah! That makes sense. It seems I disabled this when I enabled Lockdown Pro as an accessibility service. I've got the password back in place for boot now. Thank you.
Thank you also for the latest version of TWRP and the ability to install OTAs with TWRP installed. With the advent of monthly security updates, it's nice to be able to have TWRP support installing them easily.
computerslayer said:
Ah! That makes sense. It seems I disabled this when I enabled Lockdown Pro as an accessibility service. I've got the password back in place for boot now. Thank you.
Thank you also for the latest version of TWRP and the ability to install OTAs with TWRP installed. With the advent of monthly security updates, it's nice to be able to have TWRP support installing them easily.
Click to expand...
Click to collapse
No problem - just make sure you manually install that firmware!
Captain_Throwback said:
No problem - just make sure you manually install that firmware!
Click to expand...
Click to collapse
Yeah, I've gotta still do that.... (pardon me while go re-read your instructions again)
GUys I have emui 5 version Android 7.0, It is a fingerprint enabled, and I have forgotten the password. My Gmail email ids are already added to that phone. I can unlock the phone using my fingerprint. Is there any way to recover or reset the password without hard reset or complete reset?
bilalrajput said:
GUys I have emui 5 version Android 7.0, It is a fingerprint enabled, and I have forgotten the password. My Gmail email ids are already added to that phone. I can unlock the phone using my fingerprint. Is there any way to recover or reset the password without hard reset or complete reset?
Click to expand...
Click to collapse
Try using Android device manager reset / erase it remotely, or you just need to give it new password
I recommend you install Magisk and root the phone, and then more possibilities will open up. Best I can say is to factory reset, but back up stuff first.
i have the phone updated to android pie and rooted with magisk the latest version and i have twrp recovery on it
but while installing one of the mods (youtube vanced) and after it rebooted the phone asked for my pattern (not on the lock screen but the encrypted startup feature which i didn't turn on but i have changed my pattern a few days ago but i use the fingerprint always on the phone)
i forgot the pattern for the phone and i tried on it and it says 9 more tries and my phone will be wiped
is there a way to find the pattern on my google account since it's linked to the phone and it automatically uploads it to the cloud ? or is there a way to bypass it ?
Note:i know it sound like i stole the phone but i have proof of ownership if anyone wants(the box and the google account linked to it are mine and is linked to this account)
thanks in advance
Do you have access on twrp? If entered first time pattern should be saved and you can access data.
Simply reboot in twrp, if no pattern is asked make a backup of data partition (that will be unencrypted) just in case you will need to wipe and search for a way to access twrp-saved pattern.
You could also try the google feature "find my device" and change pattern, but as phone its encrypted i dont really think it will work.
mac12m99 said:
Do you have access on twrp? If entered first time pattern should be saved and you can access data.
Simply reboot in twrp, if no pattern is asked make a backup of data partition (that will be unencrypted) just in case you will need to wipe and search for a way to access twrp-saved pattern.
You could also try the google feature "find my device" and change pattern, but as phone its encrypted i dont really think it will work.
Click to expand...
Click to collapse
sadly the "find my phone" doesn't help
and in TWRP it asks for the key too and when i press cancel and try to go to data/system where the pass key is there is nothing (it must be encrypted as well)
and twrp says that my data is 0mb and can't even back it up because it's encrypted
Ok, but it doesnt say that data will be wiped, so you can try a lot of patterns.
Unfortunatelly theres no way to bypass because data is encrypted, you should try again and again and prepare yourself for a complete wipe.
cuper22 said:
i have the phone updated to android pie and rooted with magisk the latest version and i have twrp recovery on it
but while installing one of the mods (youtube vanced) and after it rebooted the phone asked for my pattern (not on the lock screen but the encrypted startup feature which i didn't turn on but i have changed my pattern a few days ago but i use the fingerprint always on the phone)
i forgot the pattern for the phone and i tried on it and it says 9 more tries and my phone will be wiped
is there a way to find the pattern on my google account since it's linked to the phone and it automatically uploads it to the cloud ? or is there a way to bypass it ?
Note:i know it sound like i stole the phone but i have proof of ownership if anyone wants(the box and the google account linked to it are mine and is linked to this account)
thanks in advance
Click to expand...
Click to collapse
What twrp did u use I keep reading it's bricks in pie
rob420p said:
What twrp did u use I keep reading it's bricks in pie
Click to expand...
Click to collapse
the one posted here on(although i'm sure i'm not using it correctly since every time i need to open it i need to fastboot boot twrb.img) it's been like that since 8.1
cuper22 said:
the one posted here on(although i'm sure i'm not using it correctly since every time i need to open it i need to fastboot boot twrb.img) it's been like that since 8.1
Click to expand...
Click to collapse
That's some bugs I've heard about it.on the post it recommends not useing that one for pie.u might want to look on Google I did see something about a emcrptiin patch
Hi All
Please excuse me if this has been answered before, I have a brand new Mi A2 Lite, all seems to be working fine but when I try to encrypt the phone (requirement for work) then it does into an endless reboot recycle and never completes so I have to do a forced wipe and reboot of the phone to get it back to a useable state, I am new to the whole Android experience so don't fully understand all the terminology used in these forums so please be gentle with me
I also do not see any option to update the phone even though it keeps telling me that it couldn't install system updates, so if you can help with that as well I would really appreciate it.
Thanks
Mark
MFUGATT said:
when I try to encrypt the phone (requirement for work) then it does into an endless reboot recycle and never completes so I have to do a forced wipe and reboot of the phone to get it back to a useable state
Click to expand...
Click to collapse
The phone always has encryption. You can enable a password too. Settings -> Security -> Screen Lock. What exactly did you do?
MFUGATT said:
I also do not see any option to update the phone even though it keeps telling me that it couldn't install system updates, so if you can help with that as well I would really appreciate it.
Click to expand...
Click to collapse
Settings -> Security -> Security Update
You need develooer mode in to use adb. Then see the section If the OTA fails on this guide.
https://forum.xda-developers.com/mi-a2-lite/how-to/10-0-4-0-to-10-0-7-0-ota-keeping-magisk-t3916863
a1291762 said:
The phone always has encryption. You can enable a password too. Settings -> Security -> Screen Lock. What exactly did you do?
Settings -> Security -> Security Update
You need develooer mode in to use adb. Then see the section If the OTA fails on this guide.
https://forum.xda-developers.com/mi-a2-lite/how-to/10-0-4-0-to-10-0-7-0-ota-keeping-magisk-t3916863
Click to expand...
Click to collapse
Thanks for replying
I go into Settings > Security & Privacy > Encryption & Credentials and then select Encrypt Phone, it tells me it needs to be fully charged and pulled in and then I select encrypt, it then goes into a reboot loop and needs to be hard reset, so never actually encrypts it.
I don't see Security Update in the security settings even after enabling developer mode.
Sorry for sounding stupid but I am new to all this
Thanks
Mark
MFUGATT said:
I go into Settings > Security & Privacy > Encryption & Credentials
Click to expand...
Click to collapse
Are you on Oreo or Pie? What version number do you see in Settings -> About?
Eg. My phone says android version 9 (that's pie) and build number PKQ1.180917.001.10.0.14.0.PDLMXIM (that's the September update).
I found that encryption screen burried under advanced.
My phone is already encrypted. No option to disable. That's what this phone does. Custom ROMs need a special encryption disabler.
MFUGATT said:
and then select Encrypt Phone, it tells me it needs to be fully charged and pulled in and then I select encrypt, it then goes into a reboot loop and needs to be hard reset, so never actually encrypts it.
Click to expand...
Click to collapse
That's definitely not standard for Pie. I'm fairly certain it's not how Oreo worked either...
MFUGATT said:
I don't see Security Update in the security settings even after enabling developer mode.
Click to expand...
Click to collapse
Hmm...
If you're on Oreo the update screen will be in a different place. I normally go Settings -> System -> Advanced -> System Update.
There have been people who bought A2 Lite but got a hacked Redmi Pro 6 instead... Don't panic yet, but if things are seeming odd... Look at this thread for some signs your phone was tampered with.
https://forum.xda-developers.com/mi-a2-lite/help/mi-a2-lite-lineageos-box-t3934710
MFUGATT said:
Thanks for replying
I go into Settings > Security & Privacy > Encryption & Credentials and then select Encrypt Phone, it tells me it needs to be fully charged and pulled in and then I select encrypt, it then goes into a reboot loop and needs to be hard reset, so never actually encrypts it.
I don't see Security Update in the security settings even after enabling developer mode.
Sorry for sounding stupid but I am new to all this
Thanks
Mark
Click to expand...
Click to collapse
Mi A2 Lite already comes encrypted by default. I know this because I use an work profile too.
I can be wrong, bit are you sure you got a genuine Mi A2 Lite, with the official ROM? Go to Settings -> About Device. Post a screenshot, please.
I've had a similar issue with 2 devices (32 and 64 gb variants), both phones unencrypted themselves without me doing something weird, the normal behavior with an encrypted phone is that when you reboot or turn on the device it asks for a pin to fully boot, but my phones after some usage skipped that step and boot without the pin, after that I cant re enable encryption unless I wipe the phones, both aren't redmi 6 pro because i checked and they receive every monthly update without any problem, i'm guessing it is a memory issue ( read somewhere mi a1 and a2 had eMMC problems)
a1291762 said:
Are you on Oreo or Pie? What version number do you see in Settings -> About?
Eg. My phone says android version 9 (that's pie) and build number PKQ1.180917.001.10.0.14.0.PDLMXIM (that's the September update).
I found that encryption screen burried under advanced.
My phone is already encrypted. No option to disable. That's what this phone does. Custom ROMs need a special encryption disabler.
That's definitely not standard for Pie. I'm fairly certain it's not how Oreo worked either...
Hmm...
If you're on Oreo the update screen will be in a different place. I normally go Settings -> System -> Advanced -> System Update.
There have been people who bought A2 Lite but got a hacked Redmi Pro 6 instead... Don't panic yet, but if things are seeming odd... Look at this thread for some signs your phone was tampered with.
https://forum.xda-developers.com/mi-a2-lite/help/mi-a2-lite-lineageos-box-t3934710
Click to expand...
Click to collapse
Thanks, so it would appear I have been sold a fake phone, following the instructions I appear to have a Redmi Pro 6, so the next question is how can I get this phone to a state where I can encrypt it.
Many thanks
Mark
MFUGATT said:
Thanks, so it would appear I have been sold a fake phone, following the instructions I appear to have a Redmi Pro 6, so the next question is how can I get this phone to a state where I can encrypt it.
Many thanks
Mark
Click to expand...
Click to collapse
First double check which your model is through fastboot using:
Code:
fastboot getvar
if you receive a code sakura then your model is Redmi 6Pro and the better would be returning it completely to stock or you´ll have more troubles in the way.