I am getting a password requested when I boot up my phone.
This has been bothering me over the last several days.
It turns out it is forced by an exchange account I have set to synchronize with my phone.
Is there any way to force this password request to be ignored?
It is not the exchange ID password, rather it is a new password that exchange requires to be entered on phone boot-up in order to enforce security on my phone.
I already use pattern lock, so this is redundant... not to mention annoying.
I don't know if it can be bypassed. I'd like to know too, because although convenient for me, I will not put my work email on my device if I am forced to password protect my screen, as was the case with my Samsung Epix. I'd prefer to be forced to enter my credentials each time I were to check my work email than to enter a pass to unlock my screen.
a_fuegon said:
I don't know if it can be bypassed. I'd like to know too, because although convenient for me, I will not put my work email on my device if I am forced to password protect my screen, as was the case with my Samsung Epix. I'd prefer to be forced to enter my credentials each time I were to check my work email than to enter a pass to unlock my screen.
Click to expand...
Click to collapse
I would think that the pattern lock would satisfy any need for protecting my email from unauthorized use... a 4 digit numeric code is less secure than the pattern lock, which has 9 points and who knows how many possible combinations.
There have been quite a few discussions about this. Lockpicker seems to work but the developer states only for the HTC Sense.
I'm sure IT managers aren't going through any effort to change their security policies and endure all that's involved to change something they feel is currently effective, regardless of the users sentiments. It's up to us the users to find a way to circumvent or deal with it.
a_fuegon said:
There have been quite a few discussions about this. Lockpicker seems to work but the developer states only for the HTC Sense.
I'm sure IT managers aren't going through any effort to change their security policies and endure all that's involved to change something they feel is currently effective, regardless of the users sentiments. It's up to us the users to find a way to circumvent or deal with it.
Click to expand...
Click to collapse
It is frustrating, given the fact that this is a new change. For the longest time I thought it was something i did while modding my phone.
I will try the "get IT to fix it" route, but I have my doubts anything will come of it.
Otherwise, I will need to get someone to look at lockpicker.
Thanks.
joeybear23 said:
I would think that the pattern lock would satisfy any need for protecting my email from unauthorized use... a 4 digit numeric code is less secure than the pattern lock, which has 9 points and who knows how many possible combinations.
Click to expand...
Click to collapse
The problem with the pattern lock is you can almost always figure out the pattern based on the screen smudge left behind by it.
This could be overcome if the lock screen didn't show up the same way every time. Either larger / smaller scale or in a differnt orientation then the last previous time (sometime upside down and sometimes landscape). Then the smudges would overlap / confuse each other a little bit atleast.
If the e-mail account is a business account and is controlled by an IT group that isn't you, they're protecting their business. They don't want devices out there with no password and an open line to their systems. If you want your phone to sync with their e-mail account, then you have to accept their security requirements. I don't know why everyone thinks that they should be able to bypass an IT groups security requirements simply because they're inconvenienced by a passcode. A middle ground would be a passcode just to read that e-mail account, but I don't think any of the mobile devices offer such a feature. The simplest solution is still simply to not sync that e-mail account or check it as an IMAP account if you can.
Remove IT Security.
There is a way to get rid of this prompt but you will need a SQLDB editor like SQLite and Root explorer or something similar.
if you open up root explorer then go to DBDATA\DATABASES and then browse down to com.android.providers.settings then open settings.db
you will see a list of items, if you go under "system" then scroll 3/4 of the way down you will see the section for ITsecurity policy. [this is what the exchange services enforced on your phone.
if you change the section "devicelock_itpolicy_enabled" from a 1 to a 0 this will obviously disable this policy.
once the change is done you will need to restart your phone and you will notice upon the restart that it does not ask you for the password again.
problem with this is that its a remote policy however and the phone WILL be pushed this information again. [probably after only a day or two of use]
someone could probably write a MCR script to take care of this easily.
I've found the best way for me ot make the change is to copy the settings.db to another folder [like on my SD card] then make the change I need there.. and whenever there is a repush of the policy, I just overwrite the one settings.db with the other.
this is a temporary solution.. but it does get rid of the password policy.
another option maybe setting the timeout value listed below that.. some exchange policy will only check for the "password enabled" portion to be checked. but the default timeout maybe adjusted to something crazy..
default for my org is 40 minutes. [IE 2400 seconds] so adjusting it to 4000 minutes may just make me not worry about this value as much
l7777 said:
If the e-mail account is a business account and is controlled by an IT group that isn't you, they're protecting their business. They don't want devices out there with no password and an open line to their systems. If you want your phone to sync with their e-mail account, then you have to accept their security requirements. I don't know why everyone thinks that they should be able to bypass an IT groups security requirements simply because they're inconvenienced by a passcode. A middle ground would be a passcode just to read that e-mail account, but I don't think any of the mobile devices offer such a feature. The simplest solution is still simply to not sync that e-mail account or check it as an IMAP account if you can.
Click to expand...
Click to collapse
You are correct. They are protecting their interests and spend lots of money doing it.
Now, I did sense a bit of anger or frustration in your post. If so, calm down. These companies have every right to ensure that they deliver their info as securely as possible. Seeing as we do live in a free country, if somone decides they want to circumvent some established policies, then so be it. It'll be them that will have to suffer the consequences of their actions, not you. I for one am annoyed by those security features. Hence the absence of my company email from MY device.
If it bothers you, you do have the right to skip this thread and move on to the next one.
a_fuegon said:
You are correct. They are protecting their interests and spend lots of money doing it.
...
Click to expand...
Click to collapse
What is funny is the fact that requiring a 4-digit password at boot up does very little to keep unwanted eyes looking at email on a phone.
How often do thieves steal a powered-off phone... Plus it takes only seconds to hack through that anyway.
It's like gun laws: it only creates another hoop to jump through for the people playing by the rules.
joeybear23 said:
What is funny is the fact that requiring a 4-digit password at boot up does very little to keep unwanted eyes looking at email on a phone.
How often do thieves steal a powered-off phone... Plus it takes only seconds to hack through that anyway.
It's like gun laws: it only creates another hoop to jump through for the people playing by the rules.
Click to expand...
Click to collapse
I disagree - the idea here is to protect data for certain amount of time - it is a barrier, but not made to be foolproof.
Do you leave your house door unlocked? It takes seconds to smash a window or pry a door, so why lock it? You have an alarm? I can turn off the power and cut the phone line from outside - so i just easily circumvented this too. I can shoot or poison the dog, so that is not perfect either.
I like the PIN Lock, and I wish i could add one to my phone. If you lose your phone, you don't want people getting to your stuff before you can wipe it. The PIN does that it, gives you time.
And it is not that easy to bypass unless you keep your phone in USB Debug mode, and even then Android should prompt for the PIN before mounting drives or granting ADB access - if it doesn't then Android has a major security flaw.
The pattern lock is a joke - as mentioned, i can usually see someones pattern. That coupled with the idea, that although there are 9 starting points, the next point is only one of 3 adjacent points, and so on for the next. If it is really complex it becomes hard to remember - unlike numbers which can be many digits long and easy to remember.
I for one am happy to comply with a PIN lock - it keeps people i know from picking up my phone and rooting around.
alphadog00 said:
...
I for one am happy to comply with a PIN lock - it keeps people i know from picking up my phone and rooting around.
Click to expand...
Click to collapse
So you power down your phone after every use?
Because this PIN lock only comes up at boot up...
and the numbers are visible when you type them in.
a_fuegon said:
There have been quite a few discussions about this. Lockpicker seems to work but the developer states only for the HTC Sense.
Click to expand...
Click to collapse
Didn't work on my captivate, and as I understand it, it shouldn't work on any captivate because it changes Sense-specific settings.
I didn't really read through this thread, but if this is indeed a corporate exchange account, then there is no way around it.
joeybear23 said:
So you power down your phone after every use?
Because this PIN lock only comes up at boot up...
and the numbers are visible when you type them in.
Click to expand...
Click to collapse
On my Samsung Captivate it is requiring it everytime the screen goes blank. With HTC WM phone i was able to set this to 24 hours so it would only ask once a day or on power off then back on. If I could make it prompt just a little less I would be fine with it.
mreevimus said:
On my Samsung Captivate it is requiring it everytime the screen goes blank. With HTC WM phone i was able to set this to 24 hours so it would only ask once a day or on power off then back on. If I could make it prompt just a little less I would be fine with it.
Click to expand...
Click to collapse
Same here. Everytime the phone wakes is a big pain. I set my winmo phone for 2 hours.
I also work from a company that does this. Using the standard email app connection to exchange server, it requires the pin unlock when coming out of standby after a certain number of minutes. VERY annoying.
The best way around it will cost you $20. Using Touchdown, the pin unlock is in the app only. It will only prompt you for it when you actually use the app (again after a certain number of minutes).
I have a phone that I use for corporate purposes so there is a password requirement for each wakescreen.
This is obviously absurd, so I used Xposed module to "nuke" the password. The coorporate app still thinks there's a password and I've never lost my phone, so that's good.
However one shortcoming of this is, if on the off chance I do lose my phone, using Prey, or Android Device manager, I cannot "lock" the phone, because the xposed module takes it out.
I'd like to do the full encryption, still keep the password "nuked", but somehow be able to reactivate the lock, or at the very least shutdown the phone remotely in case I do lose it, when it comes back on the password will be active.
I could perhaps use tasker to accomplish this, but it's a bit tricky.
TlL;dr
Password Lock must think it's on, but not. (so corporate app doesn't boot me out)
Phone must be able to be remotely locked - or turned off.
The Cerberus App, does exactly what is needed, including full wipe, reboot, etc.
https://www.cerberusapp.com/
Full device encryption on mobile devices is useless for several reasons:
https://security.stackexchange.com/...ny-advantages-to-android-full-disk-encryption
Dear All,
my phone is periodically requesting password insead to accept the fingerprint (every 2 days?). Because i have a very long passphrase, encrypted device with boot-password this "feature" has 0 benefit for me. As touchsceen typing-hater (this is pure digital paralympics) i really get frustrated when i have to type in this passphrase. Is there any way to get rid of this "feature"? I don't want to switch back to a simple PIN.
If your talking about passphrase on boot, you can disable it by re-setting up you password, and the first thing it asks you is if you want secure boot
Sorry, i though i was writing in english but it seems that it was mandarin. Absolutely not, i mean the unlock password.
? no, it periodically locks the device down for more security. When this happens does it read "password needed for security" or something like that?
Yes, and this is just senseless. I've replaced the A9 by a S7, so doesn't interest anymore.
So my Dad uses a Galaxy Note 10 Plus. He works at a high level judiciary position i cant mention, so information stored on his phone are govt. classified stuffs. Security is very vital.
He is almost 70 , so memorising pins and password is not his thing.
Therefore he uses Face Unlock/Face ID feature and Fingerprint scanner for unlocking phone and securing his apps.
But this morning, for God knows what reason, his phone can ONLY by unlocked via GESTURE PATTERN.
The thing is, Dad never uses gesture pattern, he must have set it when he first recieved the phone from the govt. He doesnt recall the gesture anymore.
All the officials have been trying their luck with the gesture unlock to no avail.
He needs to recover his phone data fast.
Is there a way for him to unlock his phone using face ID, fingerprint, or even email authorisation or something like that??
As far as I know, after you've tried many times, you will get a messages "Forgot pattern" on the lower left corner of your lock screen. Touch Forgot pattern and enter Google Account info to clear the lock.
Just hope he can still remember the password for the google account!
Just keep on trying until the phone starts asking you for the account (mail) and it's password.
Use the account data (password) to unlock the phone.
It is possible that his employer has the phone under MDM (Mobile Device Management). That is very common on mobile devices that access secure information from an employer. It allows them to control settings on the phone. If so, they may be the ones that changed the settings and they also may be able to unlock the phone.
Hi XDA peoples. I come to you in times of great need, and to satisfy your curiosity.
Recently, my mother enabled biometrics on her discover banking app, specifically face ID. However, this enabled face unlock on the entire phone and, in doing so, set a password for the phone. Note, there was no password or any other authentication on this phone before - completely open device. Now she is completely locked out of the device due to the default security settings requiring a password every 4 hours. Remote unlock is disabled, so there is no hope of that working.
Now, my question is this: is there a password that the device would automatically apply if needed? And if so, does anybody know what it is?
Thanks.
Device is a T-mobile S21+, 8G RAM 128GB Storage.
I appreciate all help.
factory reset from recovery mode + unlock FRP with google account