Different device encryption password than screen unlock pattern/PIN/password - LineageOS Questions & Answers

Hello,
It's possible with the last version of LineageOS, to have a different device encryption password than screen unlock pattern/PIN/password ?
Like this old APP : https://github.com/xmikos/SnooperStopper
SnooperStopper allows you to have different device encryption password than screen unlock pattern/PIN/password. You can have strong device encryption password (which you only need to enter once after booting your device) but simple pattern/PIN/password for unlocking your screen.
Click to expand...
Click to collapse
Thanks

Related

How do i check if my phone is encrypted?

With Samsung devices, turning on device encryption force you to use 6 characters password (alphanumeric), which is troublesome if you use your phone often.
What I found out is that after I set such password, complete the device encryption and go back to the Lock Screen setting, I can change the password to 4 digits.
Going back to encryption setting, it said I can now encrypt the device, but must use 6 characters password. But isn't my phone already encrypted? AFAIK, there is no turning off encryption once it's done.
So at this point, is my phone encrypted or not?
lanwarrior said:
With Samsung devices, turning on device encryption force you to use 6 characters password (alphanumeric), which is troublesome if you use your phone often.
What I found out is that after I set such password, complete the device encryption and go back to the Lock Screen setting, I can change the password to 4 digits.
Going back to encryption setting, it said I can now encrypt the device, but must use 6 characters password. But isn't my phone already encrypted? AFAIK, there is no turning off encryption once it's done.
So at this point, is my phone encrypted or not?
Click to expand...
Click to collapse
The phone is encrypted but like you said you cannot permanently decrypt the phone once the process is completed.
DConrad2010 said:
The phone is encrypted but like you said you cannot permanently decrypt the phone once the process is completed.
Click to expand...
Click to collapse
Thanks for the info.
I am curious why initially the device requires alphanumeric passwords (which I created), but once encryption is done, I can go back to the "Lock Screen" and change it to just numeric password. I believe this will NOT remove encryption, but for confirmation, want to check if the encryption is still there.
lanwarrior said:
Thanks for the info.
I am curious why initially the device requires alphanumeric passwords (which I created), but once encryption is done, I can go back to the "Lock Screen" and change it to just numeric password. I believe this will NOT remove encryption, but for confirmation, want to check if the encryption is still there.
Click to expand...
Click to collapse
I had to un-encrypt my phone by unrooting via Oden. Once i Odened then you have to do a factory reset and you are un-encrypted for good.

Device doesn't boot up because it needs a password?

Hi,
i already thank you for all answers. There's a big problem with my device.
It's an OnePlus 3 with the MarshROM. Everything worked completely fine until i wanted to install SuperSU via recovery. It showed up that it needs a password. But i never did this password! It's none of my known passwords, so what should i do now?
Thanks for your answers and I apologize for my english.
did u make a nandroid backup, also is it asking for the pw in twrp or when trying to get into the OS
Yes, i can't enter TWRP and yes i did a nandroid backup
If you set up fingerprints, it also means you had to set up a backup PIN. Your partition is encrypted, so try the PIN to unlock
castironpuppet said:
If you set up fingerprints, it also means you had to set up a backup PIN. Your partition is encrypted, so try the PIN to unlock
Click to expand...
Click to collapse
Tried it, also doesn't work..
It happened me once, it asked for my password and not the fingerprints to unlock the screen. But my password didn't work. I rebooted the OP3 and as I activated the option to ask password at boot, it asked for a password before booting and my usual password worked (that same password that I tried before rebooting if I didn't made myself clear).
For flashing supersu, yes it ask a password and it's the password that you set up when you register your fingerprint. At first I used a pin code but I could not remember the pin because I only remember the position I input on the numerical keyboard and in twrp it use a full keyboard. So I changed for a password and it worked fine.
The device is encrypted so you need a password if you need to flash something.
If you can still boot your device, choose 1234 as a pin. If it's asking you for a password at boot, then you are screwed.
So no returning?
Le_Zouave said:
It happened me once, it asked for my password and not the fingerprints to unlock the screen. But my password didn't work. I rebooted the OP3 and as I activated the option to ask password at boot, it asked for a password before booting and my usual password worked (that same password that I tried before rebooting if I didn't made myself clear).
For flashing supersu, yes it ask a password and it's the password that you set up when you register your fingerprint. At first I used a pin code but I could not remember the pin because I only remember the position I input on the numerical keyboard and in twrp it use a full keyboard. So I changed for a password and it worked fine.
The device is encrypted so you need a password if you need to flash something.
If you can still boot your device, choose 1234 as a pin. If it's asking you for a password at boot, then you are screwed.
Click to expand...
Click to collapse
Exordos said:
So no returning?
Click to expand...
Click to collapse
Okay i did it. Going to make a tutorial
you mean chosing a password in the phone resolved your problem?

[SOLVED] Encrypted but no need to enter password

Hey guys,
I have always had my op3 encrypted and I've become used to always entering the pin when booting up, accessing twrp etc. but today when I rebooted into twrp I didn't have to enter any pin to use twrp. When booting up the system I didn't have to enter a pin either.
When I check the settings under Security & Fingerprint it looks as in the attached screenshot, I don't have any options to decrypt or anything either
I'm running OOS 4.1.3, FrancoKernel #23 , Magisk 12, twrp-3.1.0-x_blu_spark_v27.
Is this something that anyone has experienced and know how to fix?
I want to keep my encryption but then, of course, you should have to use the pin.
Cheers!
Then the pin is defaulted and thus you don't need any. I don't need one, too and never did, but all is encrypted (Even locked down with a pin on bootup and fingerprint otherwise)
I believe this is an option you need to setup during the wizard when you initially set up the device. It asks you whether you want to require a pin on startup or not.
But, you can also turn this on by going to settings>security>screen lock.
From there, you click on the area where it says PIN. Confirm your pin, then click PIN again, and there should be an option to require pin for startup. Other than that, you are still encrypted, but it is all bypassed in order for quicker startup.
Sent from my ONEPLUS 3 using Tapatalk
noobtoob said:
I believe this is an option you need to setup during the wizard when you initially set up the device. It asks you whether you want to require a pin on startup or not.
But, you can also turn this on by going to settings>security>screen lock.
From there, you click on the area where it says PIN. Confirm your pin, then click PIN again, and there should be an option to require pin for startup. Other than that, you are still encrypted, but it is all bypassed in order for quicker startup.
Sent from my ONEPLUS 3 using Tapatalk
Click to expand...
Click to collapse
Ah that was it! it had somehow disabled itself, simply going in and enabling "require pin to start device" solved it.
Thanks!
Try removing the lock screen password and setting it up again and it will be back again in twrp.?

Device encryption using lock screen password

Hi,
I have Mi 9 SE with global rom v 10.2.2.0(PFBMIXM).
When I go to system settings->Additional settings->Privacy->Encryption & credentials, it shows that my device is encrypted. But in the past on other xiaomi phones I owned there used to be an option "Encrypt Device with lock screen password" which is missing in MI 9 SE.
So, in the past the phone used to ask for lock screen password during boot and only then then system/data disks would be decrypted and phone would start booting. Now this is not happening because the phone is using whatever device default password it has for decrypting the device during boot up. So I have following questions,
1) Can someone with above version of global rom confirm that they also do not have "Encrypt Device with lock screen password" option?
2) Can we also confirm if China and EEA Roms are also missing these options?
3) Is there any possibility of somehow enabling the "Encrypt Device with lock screen password" because I would really like to use my password for encryption rather than some device default password.
Many thanks in advance for your help
There is no way doing this and it's this way on all ROMs.

Encrypt device using lock screen password

How does it affect device encryption by enabling or disabling the 'Encrypt using lock screen password' option (in privacy settings)? What is opposite? What password is used for encryption if this turned off?
If this is enabled, then a password is required before running the android.
But when this option was not turned on, the menu showed "encrypted" anyway and the Terminal (termux), after entering 'getprop ro.crypto.state' and 'getprop ro.crypto.type' I received the message 'encrypted' and 'block'. So, the device was encrypt anyway (at least in theory).
The question is what changes the inclusion of this option and is it really worth?
wholegrain said:
... The question is what changes the inclusion of this option and is it really worth?
Click to expand...
Click to collapse
The result will be that Android (and TWRP) will not start until you enter the lockscreen password. If you don't reboot your phone very often, then you may be able to live with the hassle (bootup will be much slower). And you'd better not forget the lockscreen password. But if the bootloader is unlocked, and/or TWRP is installed, nothing stops anyone from formatting the data partition and using the phone for their own purposes.
Does it give you any extra protection over standard encryption + fingerprint or lockscreen password? If your bootloader is locked, then maybe. Is it worth it? That is a matter of opinion - but I personally wouldn't bother with it. The greatest security risk lies in unlocking the bootloader. Once you unlock it, the phone itself is easy to commandeer, even if your data is safe because of encryption.
DarthJabba9 said:
But if the bootloader is unlocked, and/or TWRP is installed, nothing stops anyone from formatting the data partition and using the phone for their own purposes.
Click to expand...
Click to collapse
You mean 'using for their own purposes' with my data or after wiped? Anyway, I enabled this additional authentication. I don't have unlocked bootloader or TWRP. If the phone is turned off, then stranger can wipe (by holding power + volume up) and use it as its own.
I'm interested in what the difference in access to my data by a stranger is when the option is enabled or disabled. When enabled - I understand that when the bootloader is locked and there is no TWRP, the stranger can't access the device's data. When disabled - data supposedly encrypted, but is not the "default" password recoverable too easily?
wholegrain said:
You mean 'using for their own purposes' with my data or after wiped?....
Click to expand...
Click to collapse
Your data cannot exist after the data partition has been formatted. If your bootloader is locked, then you don't need to worry too much - just don't forget your lockscreen password.
As for standard encryption with default password, this enables TWRP to access the encrypted storage without asking for a password. This is what a lot of people expect (and demand). Some people who are very concerned about data security often prefer to have to enter a password, even to start TWRP. It is all down to individual taste.

Categories

Resources