Android lock screen password / PIN / Pattern - Security Discussion

Hello;
After looking for hours about this I'm very angry because of the stupidity of Google. Here I go:
I have configured fingerprint to unlock my phone because I sometimes can't, or it's very uncomfortable for me to, unlock my phone with a password / PIN / pattern, because I'm using it with one hand and I need to unlock it as fast as possible all the time.
Now comes the stupidest thing I've ever seen in my life: no matter what, the phone will ask me to enter whatever I have configured for security, rendering my fingerprint totally useless. This is complete nonsense because it's not configurable by the user. The correct way of doing this is to enable an option for the user to choose: "Additionally ask every 72 hours for the password to provide extra security". Just a checkbox that can be enabled or disabled, because Google should think about the user. This crazy security paranoia is making devices less secure, because people who don't want to enter their password when they have configured fingerprint choose to disable security completely to stop being asked for the damn password.
But I'm asking here because I absolutely know there is a way to disable this. I don't care if it involves hacking / opening / soldering the device; anything to stop this will be welcome, because for me it is completely necessary, or else I will have to either sell the phone or disable security completely. Entering the password on startup or when your finger fails 3 times is OK and makes full sense, I have no problems with that, but every 72 hours because yes is an absolute no-no, sorry.
I hope somebody knows the exact formula to [email protected] Google / Xiaomi back, because they are simply stupid.
Thanks.
P.S: Please, if you are about to say things like "it's a feature" or "I like it, it makes more secure your device so it makes sense" or "somebody could cut your finger and use it", I prefer you don't post a comment, because I'm looking for a solution not an explanation on why it is like that to understand why the things are done like they are done, I hope you understand.

How about a factory reset?

bigogofthewest said:
How about a factory reset?
I think this is the right decision.

Dassote said:
I think this is the right decision.
This is bad design from Google. When I was in a crowd (e.g. inside the train), people surrounding me were looking at my finger typing the PIN, as I was not able to unlock it using my fingerprint anymore after 72 hours. It makes the phone very insecure. You should lock the phone with PIN only when I am not inside the crowd (e.g. during evening hour)


No Minimum on Android Pattern Lock?

I know this is kind of stupid but I was wondering if there was any sort of hack or registry edit so that there isn't a minimum length on a pattern lock. Android requires that you use at least 4 dots, which actually sort of bugs me because I want my pattern to be super simple to avoid failed attempts. Just brushing across the bottom row, or maybe even just tapping a single dot. A one dot password might seem stupid but if you think about it, if you handed a person your phone and said, "guess my password" nobody is going to be trying 1 or 2 dot combinations. Everyone is going to draw a pattern. Just wondering if this was at all possible.
agreeing
I completely agree with this request. I too would like to have a single dot password for my phone. This does not seem that unreasonable; there is no rule requiring a password. What difference should it make how long it is? I truthfully do not care to have a password on my phone at all for security reasons. It's inconvenient, and what does it matter if the phone is stolen? I just prefer that the password screen comes up; thus if someone just picks up my phone they will think it's locked and hopefully just leave it alone.

Face Unlock - Change Backup

I looked around, but couldn't find an answer to this. Sorry if this has been asked before; you can close this and point me in the right direction if so.
Is there a way to change the backup/failsafe after the face unlock without redoing the face unlock? What I mean is, can I change from a pattern to a PIN without resetting the entire face unlock? Or can I change the pattern or PIN without resetting it?
I ask this because I have had problems with people going through my phone in the past, so the combination of a new job (with lots of confidential emails, etc.) and crazy girlfriends has made me want to make my phone as secure as possible. While the face unlock + blink keeps it pretty safe, I want to change the backup pattern/PIN from time to time. People see me enter it when the face unlock fails, or once or twice I've had to give it to someone to use my phone when I was across the room or outside or something. Once someone has this pattern/number, the face unlock + blink security measure can be bypassed very easily. Since I do the Improve Face Matching a few times to make the feature better, I'd prefer to not have to redo this every time I need to reset the backup pattern/PIN.
Thanks.
(edit: bump)
Bump...
Bump. I'm guessing this isn't possible considering it's an old thread that has yet to be answered. Either that or it's in the wrong section LOL.
Maybe so, but I really want it answered.
Sent from my SAMSUNG-SGH-I747 using Tapatalk 2

[Q] Encryption: startup PIN without screen lock

I've just encrypted my Nexus 5 under Android 5.0 and I was hoping I could set a decryption PIN just for the startup boot process, and not every time I unlock my phone. I haven't managed to find a way to do this, though: it's possible to enable a startup PIN if you enable the lock screen PIN, but I don't see a way to simply enable a startup PIN.
My goal is simple: to secure my phone when it's powered off, while making it comfortable to use when it's powered on. Can this be done?
Thank you!
Not by standard. Not sure what effects using apps that turn the secure lock on and off will have. You can test them.
rootSU said:
Not by standard. Not sure what effects using apps that turn the secure lock on and off will have. You can test them.
OK, I will, thank you for your response.
jpabloae said:
My goal is simple: to secure my phone when it's powered off
When it's off it's already secure since no electrons flow through it...
jpabloae said:
I've just encrypted my Nexus 5 under Android 5.0 and I was hoping I could set a decryption PIN just for the startup boot process, and not every time I unlock my phone. I haven't managed to find a way to do this, though: it's possible to enable a startup PIN if you enable the lock screen PIN, but I don't see a way to simply enable a startup PIN.
My goal is simple: to secure my phone when it's powered off, while making it comfortable to use when it's powered on. Can this be done?
Thank you!
I'd say you want your phone to boot if you lose it (so you can track it), don't you think?
kenshin33 said:
I'd say you want your phone to boot if you lose it (so you can track it), don't you think?
That's reasonable in most cases. But there are situations and circumstances in which the data privacy has a higher priority than the ability to track the phone. Anyway the question can be considered independently from its motivations: can I separate the encryption key from the lock screen key? According to issue 29468 and this discussion, it seems it's still not possible.
jpabloae said:
That's reasonable in most cases. But there are situations and circumstances in which the data privacy has a higher priority than the ability to track the phone. Anyway the question can be considered independently from its motivations: can I separate the encryption key from the lock screen key? According to issue 29468 and this discussion, it seems it's still not possible.
According to this:
http://source.android.com/devices/tech/encryption/
out of the box, no, because the lock screen password/PIN is used to encrypt the actual encryption key (randomly generated).
Thank you very much, because indirectly you answered the question I had (the reason I was browsing this thread), namely the boot password thingy (as I said, I'd like the phone to boot; barring an exploit, it's well protected: bootloader relocked, long password, impossible to flash anything without wiping - I sign my cm-12 builds with my own keys, and I crippled the recovery to allow only signed zips - and no adb connection, even in recovery, outside my own computer; I installed Cerberus in the system partition without a backup script, so the only way to get rid of it is to explicitly format the system partition; and above all I don't trust the phone).
That said, it should maybe be possible to fiddle with vold's sources to make it so (separate passwords, it shouldn't be too hard). The only problem, in the absence of an "official" solution (be it in AOSP or the flavor du jour of Android), is that the user is backed into a corner: build his own ROM from sources.
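The key hierarchy described in the last posts of this thread, as an added example that is not part of any post here and is not Android's vold code: a random data key is wrapped under a key derived from the lock-screen credential, so changing the credential, or splitting off a separate boot credential, only re-wraps that small blob. The scrypt parameters, the HMAC-based wrap (a standard-library stand-in for a block cipher) and all function names are assumptions of this example.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Assumed demo cost parameters; a real device tunes these to its hardware.
N, R, P = 2**12, 8, 1


def new_dek() -> bytes:
    """Random 256-bit data-encryption key (DEK); this is what encrypts /data."""
    return secrets.token_bytes(32)


def _derive(credential: str, salt: bytes):
    """Stretch PIN/password into 64 bytes: 32 for encryption, 32 for the MAC."""
    okm = hashlib.scrypt(credential.encode(), salt=salt, n=N, r=R, p=P, dklen=64)
    return okm[:32], okm[32:]


def _xor_pad(enc_key: bytes, data: bytes) -> bytes:
    # One HMAC-SHA256 block as keystream: a stdlib stand-in for a block cipher.
    # Safe here only because every wrap uses a fresh salt, hence a fresh enc_key.
    pad = hmac.new(enc_key, b"dek-wrap", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, pad))


def wrap_dek(dek: bytes, credential: str) -> dict:
    """Encrypt-then-MAC the DEK under a key derived from the credential."""
    if len(dek) != 32:
        raise ValueError("DEK must be 32 bytes")
    salt = secrets.token_bytes(16)
    enc_key, mac_key = _derive(credential, salt)
    ct = _xor_pad(enc_key, dek)
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return {"salt": salt, "ct": ct, "tag": tag}


def unwrap_dek(slot: dict, credential: str) -> Optional[bytes]:
    """Return the DEK, or None when the credential is wrong or the slot was altered."""
    enc_key, mac_key = _derive(credential, slot["salt"])
    expected = hmac.new(mac_key, slot["salt"] + slot["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, slot["tag"]):
        return None
    return _xor_pad(enc_key, slot["ct"])


def rewrap(slot: dict, old: str, new: str) -> Optional[dict]:
    """Change the credential: only the wrapped slot is rewritten, never the data."""
    dek = unwrap_dek(slot, old)
    return None if dek is None else wrap_dek(dek, new)


if __name__ == "__main__":
    dek = new_dek()
    slot = wrap_dek(dek, "1234")  # constructed sample PIN
    print("correct PIN unwraps:", unwrap_dek(slot, "1234") == dek)
    print("wrong PIN rejected:", unwrap_dek(slot, "0000") is None)
    boot = rewrap(slot, "1234", "separate boot phrase")  # hypothetical split credential
    print("same DEK, new credential:", unwrap_dek(boot, "separate boot phrase") == dek)
```

Because the data key never changes, the strength of the whole scheme at rest is the strength of whichever credential wraps it, which is why a short screen PIN reused as the boot credential is the weak point.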

Disable "Password Required For Additional Security"

Occasionally, while on call, or when I open my phone, I get this message (image below)
"Password required for additional security"
I have fingerprint unlock saved in the settings. Instead of allowing fingerprint unlock, it requires entering my password/PIN. I use a long and secure password, so it takes time to enter it and make sure it's correct. I already enter this password every time my phone boots, so this additional request is extremely annoying and unnecessary.
Does anyone know Why this additional request is made? What triggers it? Or How to disable it?
Any help is appreciated
I am also interested
I get this occasionally and I have a short pin. I think it is very much "backing" up fingerprint security since no security is perfect. Good security involves something you have "fingerprint" and something you know "pin" since it would be very unlikely an imposter would have both. I would be very surprised if there is a way to turn the random check of your pin off.
Sent from my ONEPLUS A6003 using Tapatalk
Unfortunately, this "security check" can make your device LESS secure, because it happens at random times. If you're in the grocery store, at someone's house, or anywhere with security cameras, then entering your PIN/password can be recorded on video. More businesses and people are installing cameras every day.
In these situations using Fingerprint (instead of Pin) is More Secure. It's for this reason I want to disable it randomly requiring pin/password
hate this
Yep, I hate the one that programmed this security feature without an obvious way to turn it off; we don't need anyone telling us what is good for our security. I want it to unlock every time I touch the fingerprint scanner, even at startup, and if anything I want it to lock down if I use a certain finger and then require a password.
Mod edit: Removed unacceptable language.
I actually have a pretty simple PIN just because of this situation otherwise fingerprint is just fine :/
can this be disabled? everyone can see me type in my pin when this happens

Disadvantages of rooting?

I just ordered a Pixel 3a and I was gone for a while from the world of Google phones (since Nexus 4).
I know Magisk hides any trace of root and unlocked bootloader, but are there any disadvantages unique to Pixel devices when rooting, like disabled features, or is hiding good enough that there won't be any difference? Just to be sure.
Artim_96 said:
I just ordered a Pixel 3a and I was gone for a while from the world of Google phones (since Nexus 4).
I know Magisk hides any trace of root and unlocked bootloader, but are there any disadvantages when rooting, like disabled features, or is hiding good enough that there won't be any difference? Just to be sure.
Nothing as far as I know.
Unstroofy said:
Nothing as far as I know.
That sounds great. Wasn't sure if they might have done something through the Titan M or else
Rooting means unlocking your bootloader. This makes your phone at greater risk of being compromised - especially if someone has physical access to your phone (ie you lost it and someone finds it). Therefore you don't want to leave your bootloader unlocked if you have any sort of sensitive, illegal, or secret information on your phone. That's the #1 issue you have to live with. Of course for 99% of the population, there isn't anything really sensitive on their phones.
Google Pay can be hard to get working when rooted. There are ways to make it work, but it's always a cat and mouse game with Google and it may not always work in the future if Google changes something until the developers can catch up. If you can't live without Google Pay, rooting may not be the best choice for you.
There are other apps that can be temperamental when rooted - usually finance apps and some games (because they don't want players cheating). However, the Magisk hide functionality usually works with most of these apps now.
For me, the added functionality that being rooted brings (via modules and apps) is far better than the potential issues.
sic0048 said:
Rooting means unlocking your bootloader. This makes your phone at greater risk of being compromised - especially if someone has physical access to your phone (ie you lost it and someone finds it). Therefore you don't want to leave your bootloader unlocked if you have any sort of sensitive, illegal, or secret information on your phone. That's the #1 issue you have to live with. Of course for 99% of the population, there isn't anything really sensitive on their phones.
Google Pay can be hard to get working when rooted. There are ways to make it work, but it's always a cat and mouse game with Google and it may not always work in the future if Google changes something until the developers can catch up. If you can't live without Google Pay, rooting may not be the best choice for you.
There are other apps that can be temperamental when rooted - usually finance apps and some games (because they don't want players cheating). However, the Magisk hide functionality usually works with most of these apps now.
For me, the added functionality that being rooted brings (via modules and apps) is far better than the potential issues.
Tl;dr: nothing new. And never had a problem with any apps. Magisk Hide is working well enough, deleting apps data always works as last resort. And on custom ROMs just use MagiskHide Props Config. And if you are concerned about your data, just use the lockscreen passport as bootup protection. Then it's simply impossible to get to the data through that "insecurity", no matter what you do. And since fingerprint readers a more complex password isn't a problem.
Artim_96 said:
Tl;dr: nothing new. And never had a problem with any apps. Magisk Hide is working well enough, deleting apps data always works as last resort. And on custom ROMs just use MagiskHide Props Config. And if you are concerned about your data, just use the lockscreen passport as bootup protection. Then it's simply impossible to get to the data through that "insecurity", no matter what you do. And since fingerprint readers a more complex password isn't a problem.
I'm not sure exactly what you mean by lock screen passport. Can you share some more details?
The insecurity comes from the fact that a person that has physical access to your phone can simply turn the phone off and then start it and hold the power and volume up buttons. This will boot the device into the bootloader. Because the bootloader is unlocked, it allows that person the ability to flash anything and gives that person access to anything they want. That super secure lockscreen password or fingerprint won't help keep them out and does nothing but give users a false sense of security.
When the FBI paid a 1 million dollar bounty to someone to access an iPhone, they were paying someone to get around the bootloader. If you unlock your bootloader, you give this access right from the beginning - for free, and without any effort required.
I'm not trying to be argumentative either. You asked what the drawbacks to rooting were and I was simply trying to give a thorough answer. It's up to the individual user to decide if the positives of unlocking the bootloader and rooting outweigh the negatives. If you look at my signature, you can see what side of the fence I fall on.
sic0048 said:
I'm not sure exactly what you mean by lock screen passport. Can you share some more details?
The insecurity comes from the fact that a person that has physical access to your phone can simply turn the phone off and then start it and hold the power and volume up buttons. This will boot the device into the bootloader. Because the bootloader is unlocked, it allows that person the ability to flash anything they want. That super secure lockscreen password or fingerprint won't help keep them out.
Again, I'm not familiar with this lockscreen passport you mention, so perhaps there is a way to secure the phone that I am not aware of.
I'm not trying to be argumentative either. You asked what the drawbacks to rooting were and I am simply trying to give a thorough answer. It's up to the individual user to decide if the positives of rooting and unlocking the bootloader outweigh the negatives. If you look at my signature, you can see what side of the fence I fall on.
Was a typo, I meant lockscreen password. Android should ask you, if you set up a lock method other than Swipe to unlock, if you want to be asked for it on bootup.
So no matter what you are able to flash through an unlocked bootloader, /data and with it anything that could be relevant stays encrypted until you enter the lockscreen PIN/pattern/password, no matter if you do this on the screen that will interrupt bootup after a few seconds or in TWRP. So it doesn't matter what you could come up with flashing; as long as you don't find a way to extract the encryption key from the secure storage either in Titan M or any ARM processor, there is no way to get your hands on user data. The only thing you can do is simply wipe /data. Then you can start up new, but the user's data will be gone.
And no, I never asked for disadvantages of root itself since there are little to none, I just asked for Pixel unique stuff since Google always adds stuff that other OEMs won't use for years to come.
Artim_96 said:
And no, I never asked for disadvantages of root itself since there are little to none, I just asked for Pixel unique stuff since Google always adds stuff that other OEMs won't use for years to come.
I misunderstood your initial post then, but the title of the thread says, "Disadvantages of rooting?"
sic0048 said:
I misunderstood your initial post then, but the title of the thread says, "Disadvantages of rooting?"
Fixed that. Hope the text is more clear now.
But could you reproduce what I explained? Because I would be very surprised if that was unique to Motorola and not AOSP
