Potential Encryption/Security Flaw? - Nexus 5 Q&A, Help & Troubleshooting

Something strange and unexpected has happened with my Nexus 5... Upon first setting up my device after unlocking it and rooting it, I encrypted the phone before ever adding any of my info or apps to it, fully knowing that I would forever have to use a locked screen etc. To sidestep the annoyance and lack of security that Android has with having the encrypted boot time password being the exact same as the lockscreen's password, I used this app 'Cryptfs Password' to change the boot time password to something much more lengthy and secure, while allowing me to have a standard simplified passcode for simple screen unlocks.
As time went on I found myself in need to wipe the device to troubleshoot an issue I was having with my wifi and wireless tethering no longer functioning properly. I wished to go back to an initial factory state to begin doing restores from Titanium to find the culprit per se and figure out where I went wrong and borked my ability to toggle wifi.
Upon wiping the phone in TWRP (standard dalvik, cache, and ROM - not system or data) I rebooted and flashed my Titanium Backup.zip and Super User.zip and then proceeded to set up the device again when I noticed something very odd...
I still needed to enter my previously exact password upon booting the device, however the lock screen no longer had any security of any kind!
When I checked in settings this is what I found:
https://i.imgur.com/RR2SFxL.png
Clearly you can see the device is still encrypted however the default "slide" screen lock is now able to be used? Whaaaaat?!?!
Opening the Screen Lock settings menu reveals:
https://i.imgur.com/FtOqUY5.png
I have not yet selected to change it to a PIN or PASSWORD as I am home and wanted to see if I could gather any other information about this first. I have a feeling that upon changing to a PIN or PASSWORD that I would not be able to change it back again.
Is this a flaw or error of some kind? I do not see any huge security vulnerability, I mean even though this does allow you to bypass the lockscreen, you still need the password at boot to even get into the phone or any Recovery - but this is interesting nonetheless. I was under the impression that it was IMPOSSIBLE to have both device encryption and essentially NO LOCK SCREEN?!?!
I have seen threads such as this one: http://forum.xda-developers.com/showthread.php?t=1873700 where it is shown and discussed how to use the pattern lock for example, but this is obviously much different.
Can anyone else replicate this with their own android device?
EDIT:
Was able to find this thread https://groups.google.com/forum/#!topic/android-security-discuss/G4N5pBreyhM
where someone was able to essentially achieve a similar situation by using a 3rd party lock screen....

Related

An error has occurred with the fingerprint sensor. If this message appears...........

Great...... Got this message appearing and can't rescan a fingerprint I need to. Can't do anything with the scanner now really. It still works with the prints that are scanned but I've noticed it's unpredictable.
I'm trying not to root this phone as I would like to use Samsung pay when it comes, so don't want to trip Knox. However, if I was rooted I reckon this would be a fairly easy fix. As it is, I can't find a way. I've deleted cache and data for the fingerprint app but it's having no effect. I could factory reset but this started for no reason, so it will start again after a factory reset no doubt.
Did you reboot? What carrier/model do you have?
Clean the button?
Reflash your firmware, that should fix it. Use Smart Switch.
In case this happens to anyone else - I found a fix.
I had enabled developer options and then enabled oem unlock. I had done this as I was going to install TWRP and then root the phone, but decided not to for reasons mentioned in my first post.
Anyway, I disabled oem unlock and developer options and now the scanner works again. Worked for me - hope it works for you.
But oem option not see in my phone s6 edge G925W8

Unable to change lock/password method...Help!

This happened to me before and I spent quite a while googling different ways to fix it with no luck... I had to just wipe and start again. I changed to a pattern lock today whereas normally I go without, however for various reasons I wanted it on. When I went to change it back to just swipe, it's greyed out and says 'disabled by administrator, encryption policy or credential storage'.
I know it's not the end of the world but I'm so used to just swiping, so it's a bit of a pain. Anyone know how to fix it or will I have to factory reset and start again?
Did you ever figure this out? I just dug up my old p8max and want to use it as a tablet for the kids. Would be nice to not have a pattern, pin, etc...

Unable to set lock screen in Custom Rom

I recently unlocked my Honor 8, and then installed this RROS Rom which I used for about a week. I had some issues with the camera and reboots while driving, hearing music over bluetooth and using Google Maps at the same time, so I tried a few other Roms (LineageOS, halogenOS, AOSPA).
With my first RROS installation, I could use my lockscreen + fingerprint sensor as usual. The problem is, after installing another ROM (I believe I tried AOSPA first), I'm not able to configure Settings->Security->Screen Lock to something other than Swipe. Every time I try to set one of these, I can create a PIN, password or pattern, but when confirming it the settings app just force closes. When I reopen it and click on Screen Lock again, the settings app just asks me to confirm e.g. my PIN again, and force closes when I do so, without anything changed on my lock screen.
I tried installing all Roms mentioned above, and I even tried to wipe my internal storage in case there's something messing it up. Yet when starting one of the ROMs, I cannot set anything for Screen Lock.
I found this thread, and thought that maybe I could either clear credentials (but it's grayed out) or change Storage Type from Hardware-backed to something like Software-backed, but it seems I cannot change this option.
Has anyone any advice what I could do to regain the ability to set a lock screen (and therefore also use fingerprints again)? Thanks in advance!
A friend helped me analyse errors in MatLog and find a solution:
It seems the fingerprints from my first RROS installation were still stored in the phone, I had to delete all folders in /data/misc/keystore/ and then reinstall my ROM, then I could set fingerprints again!
daxlero said:
> A friend helped me analyse errors in MatLog and find a solution:
> It seems the fingerprints from my first RROS installation were still stored in the phone, I had to delete all folders in /data/misc/keystore/ and then reinstall my ROM, then I could set fingerprints again!
When you say reinstalled, you mean a clean installation? Or only flashing ROM?
Sorry, it's so long ago I can't really remember. I guess it was a clean install - mostly went that path for fixing problems - but can't say for sure.

Unlocking Google Backups without Password/Pattern/PIN?

Let me tell you a story (you can skip if you want to):
Once upon a time I ****ed up the back layer of the touch screen during repair and desperately tried to use my phone with my PC, found some tools online that let me simulate my phone's screen via ADB. Didn't get that working, ADB was unable to recognize my phone. Ok. Then I taped together the touchscreen (one of the absurdest things I ever did), reconnected it to the phone and guess what. It worked. I booted into recovery mode first and it worked flawlessly. No issues whatsoever. "Wonderful" I thought to myself, booting into system mode eagerly. The boot animation went by without any crashes, graphical issues or anything one could think of, and I even was able to enter my PIN. When I did that I was full of enthusiasm. But that didn't last long. The SystemUI began to crash constantly, the lockscreen hadn't even finished building and it crashed again. I was absolutely unable to use the device and utterly devastated. Then I absolutely knew: I. ****ed. up.
But that didn't keep me from trying things out and eventually I was able to get past the lockscreen (without a SIM card so no PIN required) without any crashes and back up at least WhatsApp and a few other apps. But then I made the mistake of turning the screen off which set me back to square one: constant SystemUI crashes. I tried again and again and again and finally, after hours of work I got in a second time. This time, I thought to myself, I'm gonna make things differently. I backed up everything with Titanium, thought of myself to be safe. Which I technically was, I got backups of everything now. Then I decided to re-flash the ROM without a factory reset which didn't do anything. Luckily there is an unofficial build of the ROM I'm using (Resurrection Remix) and I clean flashed it. It worked. Flawlessly. I was thrilled. The phone I was ready to toss into the trash finally worked again. I set everything up, thought myself to be safe but boy was I wrong. Google made regular (I think daily) backups of my apps and contacts and all so I wanted to restore that first. But it required a pattern which I don't have because I always had a 5x5 pattern and it gave me a 3x3 pattern. I didn't know what to do with it!
I continued setting up my phone after failing to restore that backup and then instantly continued to restore the backup I made with Titanium. It installed all the missing apps, apparently restored the data. Nice. But there are a few apps that don't like that restored data so they just didn't use it and started from scratch again (like SwiftKey). Also, some of my contacts are missing and I'm lowkey too lazy to link the existing ones to WhatsApp again.
Tl;dr: ****ed up phone, got it working again, some apps didn't accept the Titanium backup and now I want to restore the Google backup which requires a 3x3 pattern which I don't have because I always used a 5x5 pattern.
Well, the question is simply: Is there a way to unlock the Google Drive backup without that pattern or do I need to try my luck again accessing the old data (made a TWRP backup before flashing the new ROM)? If I do need to try again, how do I disable the lock on my backups? Do I only need to change my pattern to a 3x3 one?

Lock screen won't recognize PIN/Pattern bug?

I can't unlock my phone with the Pattern I assigned it. I always use the same Pattern, so I was pretty sure it's not an error. When I draw the pattern, it says "incorrect pattern" and makes me wait 30 seconds before trying again (from the first try).
Luckily, I have access to Samsung's Find my Mobile, I unlocked the device, removed the lock. But every time I restart the device, the bugged lock screen would come back, and I would have to unlock the device again with Find my Mobile.
Please note that I can't set a new lock after unlocking the device, it will revert back to no lock after setting a new pattern/PIN/password. Definitely a bug.
If there is any method to fix this, or to reset Samsung's lock screen app, please let me know!
My device is Samsung Galaxy A8+ in case anyone was curious.
I never set a lock on a phone or bios password on PCs... now you know why.
You're lucky it was recoverable... some lockouts are not.
Data corruption can trigger this and it's just random luck if it happens or not. Even if rare you can see the implications. You're now very close to being completely locked out as it stands.
You can try clearing the system cache and data from the apk(s) controlling it.
Try a hard reboot.
Factory reset... if that fails it's probably hardware. Or simply keep it unlocked and in your possession at all times which is the best security.
blackhawk said:
> I never set a lock on a phone or bios password on PCs... now you know why.
> You're lucky it was recoverable... some lockouts are not.
> Data corruption can trigger this and it's just random luck if it happens or not. Even if rare you can see the implications. You're now very close to being completely locked out as it stands.
> You can try clearing the system cache and data from the apk(s) controlling it.
> Try a hard reboot.
> Factory reset... if that fails it's probably hardware. Or simply keep it unlocked and in your possession at all times which is the best security.
I'd like to keep it unlocked, yet as I mentioned, it will spring back again immediately as I restart the phone. It won't be funny to get my phone locked outside my home and not having a PC near to access Find my Mobile to unlock it.
I'm trying to avoid factory reset, too much data to back up and I'm quite lazy to do it.
And it seems like there is no way to clear cache/data, as the Samsung's lock screen doesn't appear in storage/apps. (Or it is there with some strange system name?)
This thread may help you as it helped me. Read the full thread first.
https://forum.xda-developers.com/t/solved-samsung-a20-twrp-restore-data-sm-205w.4261401/
majdcomp said:
> I'd like to keep it unlocked, yet as I mentioned, it will spring back again immediately as I restart the phone. It won't be funny to get my phone locked outside my home and not having a PC near to access Find my Mobile to unlock it.
> I'm trying to avoid factory reset, too much data to back up and I'm quite lazy to do it.
> And it seems like there is no way to clear cache/data, as the Samsung's lock screen doesn't appear in storage/apps. (Or it is there with some strange system name?)
Oh my bad, it locks no matter what. That's not good.
Boot menu>clear system cache (don't hit factory reset by accident).
Google for the button sequence to hit for that model. Timing is critical, you might need to try more than once.
That might get it.
Try clearing the Dynamic Lock Screen data.
I would back up all critical data now if you haven't. Do not use Smart Switch to transfer settings if you do factory reset, ha-ha.
Someone here probably has a better solution as I know little about this system.
As always do a Google search, you can probably use solutions from other Samsung models going back a few years.
Erratic and strange behavior can also be a sign of a virus, rootkit etc.
When in doubt, factory reset especially if you can't track down the root cause.
Finding the root cause and correcting it is always preferable to a factory reset but not always possible. If the OS load is older than a year a factory reset would be a good plan anyway... nothing like a clean, fresh OS.
Delete your Google account before you factory reset so that doesn't password pester you. I'm told if you reset from settings vs the boot menu that doesn't happen. Not sure, haven't tried a factory reset that way.
sammiev said:
> This thread may help you as it helped me. Read the full thread first.
> https://forum.xda-developers.com/t/solved-samsung-a20-twrp-restore-data-sm-205w.4261401/
Can you do that on a stock Android that's not rooted?
blackhawk said:
> Can you do that on a stock Android that's not rooted?
You would need to be rooted.
sammiev said:
> You would need to be rooted.
I read if you load TWRP you'll lose things like Samsung Pay.
Seems risky at least to me. I like to play with it but don't have a phone to burn.
A factory reset for me at this point is fairly painless, i.e. no data loss and takes under a couple hours.
If it's of any interest here:
On Android the pattern lock data (SHA-encrypted) is kept in a file named gesture.key and stored in the /data/system folder.
If the phone's Android is rooted you simply delete that file to bypass the pattern lock. Using ADB you would run the command sequence
Code:
adb devices
adb shell "rm -f /data/system/gesture.key"
to achieve this.
The phone should now be accessible with no pattern lock applied.
