CM13, disabling periodic password request - HTC One A9

Dear All,
my phone is periodically requesting password insead to accept the fingerprint (every 2 days?). Because i have a very long passphrase, encrypted device with boot-password this "feature" has 0 benefit for me. As touchsceen typing-hater (this is pure digital paralympics) i really get frustrated when i have to type in this passphrase. Is there any way to get rid of this "feature"? I don't want to switch back to a simple PIN.

If your talking about passphrase on boot, you can disable it by re-setting up you password, and the first thing it asks you is if you want secure boot

Sorry, i though i was writing in english but it seems that it was mandarin. Absolutely not, i mean the unlock password.

? no, it periodically locks the device down for more security. When this happens does it read "password needed for security" or something like that?

Yes, and this is just senseless. I've replaced the A9 by a S7, so doesn't interest anymore.

Related

[Q] [REQ] enable/disable password screen lock

Hi,
I don´t even know if this is possible due to security policies, but can anybody knows or can make an app that allows to simply switch between slide and password screen locks?
In other words: Today if I want to set the password I have to type it ...twice. Then when I want to disable the password I need to type it again- Then I can disable the password , but it is not remembered. So if I later want to re-enable the password, well, I have to set a new password and type it twice again.
What I would like is for the password to be remembered internally, and to easily and quickly switch between password and no password.
Not sure if it is even possible to do for rooted phones.
Thanks
Gonzalo

[Q] Android Encryption Problem

I have a phone that I use for corporate purposes so there is a password requirement for each wakescreen.
This is obviously absurd, so I used Xposed module to "nuke" the password. The coorporate app still thinks there's a password and I've never lost my phone, so that's good.
However one shortcoming of this is, if on the off chance I do lose my phone, using Prey, or Android Device manager, I cannot "lock" the phone, because the xposed module takes it out.
I'd like to do the full encryption, still keep the password "nuked", but somehow be able to reactivate the lock, or at the very least shutdown the phone remotely in case I do lose it, when it comes back on the password will be active.
I could perhaps use tasker to accomplish this, but it's a bit tricky.
TlL;dr
Password Lock must think it's on, but not. (so corporate app doesn't boot me out)
Phone must be able to be remotely locked - or turned off.
The Cerberus App, does exactly what is needed, including full wipe, reboot, etc.
https://www.cerberusapp.com/
Full device encryption on mobile devices is useless for several reasons:
https://security.stackexchange.com/...ny-advantages-to-android-full-disk-encryption

Lollipop - Enabled encryption. Not sure if it worked

Hey guys
I flashed the factory images last night effectively wiping my Nexus 5 and starting from scratch. I did not restore apps and settings either. After I manually installed a bunch of my apps back and changed around a few settings, I decided to enable encryption. However, I don't think it enabled properly.
First, I had not set a PIN lock on my phone yet at the time.
When I decided to enable encryption and go through the process, it didn't ask me to enter a PIN.
It seemingly completed encrypting the phone. When I go back to the security menu, it says "Encrypted".
However, I am not prompted to enter a PIN upon booting the phone (not talking about the lock screen PIN).
So, it seems like it didn't work but I'm not sure. Has anyone else enabled encryption yet?
and yes, I saw the performance degradation that comes with enabling encryption but I'd rather have the security.
definitely sounds like there's an issue there. Do you have a custom recovery? If so, you could boot into that, pull some data and see if it opens. If it does, yeah its not encrypted.
Not worth mentioning degradation. All encryption always has and always will have performance degradation. It's par for the course
That sounds like a good idea. If it's not encrypted, then I guess the only method is to wipe and reinstall again.
mattkroeder said:
That sounds like a good idea. If it's not encrypted, then I guess the only method is to wipe and reinstall again.
Click to expand...
Click to collapse
I think so. You can't reverse the encryption flag without a wipe I dont think
mattkroeder said:
Hey guys
I flashed the factory images last night effectively wiping my Nexus 5 and starting from scratch. I did not restore apps and settings either. After I manually installed a bunch of my apps back and changed around a few settings, I decided to enable encryption. However, I don't think it enabled properly.
First, I had not set a PIN lock on my phone yet at the time.
When I decided to enable encryption and go through the process, it didn't ask me to enter a PIN.
It seemingly completed encrypting the phone. When I go back to the security menu, it says "Encrypted".
However, I am not prompted to enter a PIN upon booting the phone (not talking about the lock screen PIN).
So, it seems like it didn't work but I'm not sure. Has anyone else enabled encryption yet?
and yes, I saw the performance degradation that comes with enabling encryption but I'd rather have the security.
Click to expand...
Click to collapse
Not sure, but i think it's designed to works just like that, the encryption key is not the PIN anymore but something (random?) that is stored somewhere on the phone.
that would protect the data in case someone tries to read it directly from the phone's memory, but useless if you don;t have a PIN/PASSWORD.
I avoided encryption before for exactly that reason (requiring a password to boot). If I lose the phone I want the person that found/stole it to be able to at least boot it. if the person is not a thief there's a contact number so they can call me to give it back. if he/she's a thief well, as long as it's on I can call it, track it, wipe it. even brick it.
by not being able to boot it, the chances of getting it back are 0 if the battery dies or is dead!
http://readwrite.com/2014/10/28/google-android-lollipop-encryption-issues
there isn't much info out there about it.
kenshin33 said:
Not sure, but i think it's designed to works just like that, the encryption key is not the PIN anymore but something (random?) that is stored somewhere on the phone.
that would protect the data in case someone tries to read it directly from the phone's memory, but useless if you don;t have a PIN/PASSWORD.
I avoided encryption before for exactly that reason (requiring a password to boot). If I lose the phone I want the person that found/stole it to be able to at least boot it. if the person is not a thief there's a contact number so they can call me to give it back. if he/she's a thief well, as long as it's on I can call it, track it, wipe it. even brick it.
by not being able to boot it, the chances of getting it back are 0 if the battery dies or is dead!
http://readwrite.com/2014/10/28/google-android-lollipop-encryption-issues
there isn't much info out there about it.
Click to expand...
Click to collapse
I went ahead and wiped the phone again. I reinstalled lollipop and made sure to enable a lockscreen PIN before I enabled encryption. It seems to have encrypted properly. It prompts me for my PIN at boot up now.
You make a good point about encryption making it more difficult for someone to get a hold of me if I lose the phone though.
Same problem here, with Nexus 5 and Android v5
My work Exchange server enforces a security policy to the phone which forces you to enable encryption. So I went ahead and did that, and the email app is still saying that encryption needs to be enabled. When I reboot the phone I never get prompted for a PIN to decrypt the device, yet in the settings screen it says it is encrypted.
I'm going to have to re-flash. Is it possible the issue is caused by leaving the bootloader unlocked? or is this is a bug?
EDIT: Update. Reflashed, but first thing I did was relock the bootloader and enable a security screenlock PIN, *then* encrypted the phone. Now it's prompting me for a PIN on boot and looks like it's worked. Hope the Exchange email policy stays happy this time, as it worked before for about a day before it complained about the lack of encryption
this worked for me also
I did what was stated below and it worked....
1. reflashed,
2. locked bootloader
3. created lock pin
4. encrypted, THEN
5. added MDM control (MAAS360) and exchange email.
It seems to work OK now.
Thanks!
JoyrexJ9 said:
Same problem here, with Nexus 5 and Android v5
My work Exchange server enforces a security policy to the phone which forces you to enable encryption. So I went ahead and did that, and the email app is still saying that encryption needs to be enabled. When I reboot the phone I never get prompted for a PIN to decrypt the device, yet in the settings screen it says it is encrypted.
I'm going to have to re-flash. Is it possible the issue is caused by leaving the bootloader unlocked? or is this is a bug?
EDIT: Update. Reflashed, but first thing I did was relock the bootloader and enable a security screenlock PIN, *then* encrypted the phone. Now it's prompting me for a PIN on boot and looks like it's worked. Hope the Exchange email policy stays happy this time, as it worked before for about a day before it complained about the lack of encryption
Click to expand...
Click to collapse
mattkroeder said:
Hey guys
I flashed the factory images last night effectively wiping my Nexus 5 and starting from scratch. I did not restore apps and settings either. After I manually installed a bunch of my apps back and changed around a few settings, I decided to enable encryption. However, I don't think it enabled properly.
First, I had not set a PIN lock on my phone yet at the time.
When I decided to enable encryption and go through the process, it didn't ask me to enter a PIN.
It seemingly completed encrypting the phone. When I go back to the security menu, it says "Encrypted".
However, I am not prompted to enter a PIN upon booting the phone (not talking about the lock screen PIN).
So, it seems like it didn't work but I'm not sure. Has anyone else enabled encryption yet?
and yes, I saw the performance degradation that comes with enabling encryption but I'd rather have the security.
Click to expand...
Click to collapse
If you set up a screen lock pin the phone will ask you then if you would like the PIN to be enabled or not at boot.
kenshin33 said:
Not sure, but i think it's designed to works just like that, the encryption key is not the PIN anymore but something (random?) that is stored somewhere on the phone.
that would protect the data in case someone tries to read it directly from the phone's memory, but useless if you don;t have a PIN/PASSWORD.
I avoided encryption before for exactly that reason (requiring a password to boot). If I lose the phone I want the person that found/stole it to be able to at least boot it. if the person is not a thief there's a contact number so they can call me to give it back. if he/she's a thief well, as long as it's on I can call it, track it, wipe it. even brick it.
by not being able to boot it, the chances of getting it back are 0 if the battery dies or is dead!
http://readwrite.com/2014/10/28/google-android-lollipop-encryption-issues
there isn't much info out there about it.
Click to expand...
Click to collapse
Sorry for OT, but how can you remotely brick your phone? Just curious in case I ever need to. Don't live in the best of neighborhoods. I can remote wipe, track, take pics. The normal lost/stolen stuff, but I haven't heard of remotely bricking a phone ever.
Nexus 5 still looking to be encrypted
Only a temp fix---Both my Nexus 7, and Nexus 5 just started asked to be encrypted again....
This is still a problem with Lollipop
thegasmaster said:
I did what was stated below and it worked....
1. reflashed,
2. locked bootloader
3. created lock pin
4. encrypted, THEN
5. added MDM control (MAAS360) and exchange email.
It seems to work OK now.
Thanks!
Click to expand...
Click to collapse
wipe efs partition (I do have a backup on my computer) and the phone is no longer a phone.
Just to be clear, you can enable encryption on Android 5.0, and it will not force you to lock the phone. (Like the PIN screen and boot lock). When you buy a Nexus 6/9 the data partition is encrypted but there's no lock set. The following is from this article;
First, the encryption doesn't help much if you haven't set a passcode. Ludwig said studies have shown that roughly have of users don't set passcodes on their devices, largely because they find it inconvenient to keep entering them dozens of times a day. Lollipop will still encrypt your data, but it will also automatically decrypt it in normal use. So if you don't have a passcode, much of your information will be available to anyone who picks up your phone.
Click to expand...
Click to collapse
So if you've enabled encryption, and gone through the process, you're phone data partition is encrypted. It's just not locked down until you use some kind of phone lock too. BTW, the article goes on to describe the limited usefulness of having an encrypted data partition and no phone lock;
Lollipop's encryption still offers some limited protection even under those circumstances—for instance, by protecting stored data against anyone who tries to read it directly from the phone's memory. That could shield user passwords and other sensitive data from attackers.
Click to expand...
Click to collapse
As to why Exchange policies don't see the phone as encrypted is probably due to another issue.
Setting PIN to be required at startup after encryption possible fix
I now have my Nexus 5 & 7 working with exchange on Lollipop using this-
1. Reflashed Lollipop
2. Let phone reinstall all my apps
3. Locked bootloader.
4. Set a screen lock PIN
5. Encrypt phone
6. Set screen lock PIN to be required on start up (this was missing before!)
7. Installed MDM control via Mass360-all policies look to be met, including encryption
8. Installed my exchange account via Gmail
//code.google.com/p/android/issues/detail?id=79342
Updated thread with solution
---
* It used to be that when I did a reboot or shutdown and restart, I would have to enter a password before the system fully started.
* But now the phone boots into the phone without putting in my password. I can reboot the phone and it will boot all the way to the Lock screen, and I can unlock the lock screen with my fingerprint or my backup password.
* I am concerned that somehow my device is either no longer encrypted or that there is some setting which has stored the boot password.
--
Solution :
For those of you who find they have this problem and have not solved it, I found a solution that works, related to a bug (feature?) in Accessibility.
Apologies if this was suggested further in the thread, and that I'm replying to an old post. But I recently had this problem and figured out a solution.
- Accessibility was enabled and for some reason this cached the boot password. So- when I removed the app (rights) and turned off accessibility, and changed (reset/reentered) the password in security settings... On next boot the phone correctly asked me for password.
YMMV.
subs said:
I posted this elsewhere... But I'm having the same problem. Any thoughts? I can post more details, but don't want to repost this everywhere that I see people having the same unresolved problem.
---
* It used to be that when I did a reboot or shutdown and restart, I would have to enter a password before the system fully started.
* But now the phone boots into the phone without putting in my password. I can reboot the phone and it will boot all the way to the Lock screen, and I can unlock the lock screen with my fingerprint or my backup password.
* I am concerned that somehow my device is either no longer encrypted or that there is some setting which has stored the boot password.
Click to expand...
Click to collapse
Hi, please try not to bump threads almost a year old. I realise that it might have taken you a while to actually reach this thread, but hear me out.
Opening a new thread is always better, since software versions, features and devices are most likely different, along with different device usage habits/users.
You say you're having "the same problem"... as.. who exactly? There's a bunch of different specific "issues" that relate to encryption. Be specific.
For instance, you mentioning fingerprint sensor leads me to presume that you are not using a Nexus 5.
Sent from my Nexus 10 using Tapatalk

Phone unencrypted and forcing me to use a password

Hi all,
I have a CAT S30, when I set up my Exchange email it forced me to use a password on the device.
After looking through the security settings I can see the device is not encrypted. If I encrypt the device will it allow me to remove the password on the device (I need to enter it every time I unlock the screen and it's bugging me).
If I turn on the encryption will I be able to turn off the forced screen lock security that's currently in place?
thanks,
T-L-H

Request: App for decoy password on lock screen

This is just a question. Is there any way that i can set up a decoy password on my nexus 5 lockscreen? I am rooted and running LineageOS 14.1 and the phone passes SafetyNet, and has internal storage encrypted. Here's an example: your real pin is 13579, but you want a decoy pin (24680). When 13579 (real pin) is entered, the phone will unlock like normal. But, if 24680 (decoy) is entered, then the phone should switch to a different (possibly restricted) user, so that if you are stopped at an airport and your phone is confiscated and the authorities ask for your pin, you can give them the decoy. The switching users should be invisible, so that the authorities don't suspect anything. If they ask about the main user, i can just make up an excuse like "This is my friend's phone, and i am going to visit him. He just added me as a restricted user". Note: i just want to keep my privacy and make sure that my data is safe.

Categories

Resources