Related
Even if one has installed some kind of lockdown/tracking software + lock pattern there is always the possibility that a thief would know how to reflash and/or wipe the phone or be able to use Google to find out how.
Has anyone worked on adding the possibility of locking access to fastboot, recovery and OS boot? (Password protecting adb would also be a nice addition.)
There is not much these forums about it. Here is a thread that died: http://forum.xda-developers.com/showthread.php?t=531225
I would be fine with compiling my own recovery image if that is what it takes to get my own password, but I guess fastboot is the biggest concern.
I hope some smart developers will take their time to read this and think about it. Let's hear some input on how big of a task this is. I am sure it can be done, so take the challenge and show us some love.
wow this is an awesome idea. ya because apps like mobiledefense or wavesecure would be useless if the thief knows how to wipe the phone. this would be great and i would love to see it work. i dont know crap about making my own recovery or else i would do it if thats what it means to make my own password protected recovery. but like u said, fastboot is a greater challenge.
I could see recovery maybe having this but the bootloader you are out of luck unless you have a dev or holiday version of the nexus. We currently cant flash custom SPL's because they are sig checked.
What happens when you forget your password? Brick?
MatMew said:
What happens when you forget your password? Brick?
Click to expand...
Click to collapse
Damn if you forget it than you are just too stupid, lol Jk
but good question, however i don't think any development on this will be done anytime soon, id definitely support it though if it ever starts.
Locking the SPL would require us to be able to write/flash one, which is currently impossible
Maybe a petition to google to set forth this new option then?
Because I was thinking the same thing...our laptops can do it, because duh, if someone steals your lappy they could just wipe to get the hardware so we can put a BIOS password so even thats impossible.
Our so 'open' phones should follow suit...please google, read this. It would be a fantastic option, that way its rendered completely useless to anyone that steals it and is smart with them (aka anyone reading these forums ).
THANKS
I want it
I've been thinking of how to 'secure' my phone's data again since I unlocked the bootloader... but this would be the way.
The feature request goes like this: Password protect the bootloader both for fastboot and getting into recovery (the option to start recovery should be password protected). A wipe is required in order to reset the password.
An additional and optional theft lock (along the lines of what the OP wants) would disable the password reset/wipe feature altogether, essentially bricking the phone if the password is unknown. Not exactly what I want (I just want my data to be safe), but should be easy enough to add both options if we have the code and can flash the SPL.
Obviously this is going nowhere if we can't flash the SPL, but there's no harm in putting this out there for Google to include in the next signed SPL.
Everyone should realize that unlocking the bootloader essentially puts all the data on your phone out there for anyone to grab without a password, given that they know a few things about fastboot/recovery. This is likely why Google forces a wipe when you originally unlock. We 'unlockers' should be given a way to get that security back.
We'd also need to find a way to 'type' a password (for the recovery option) while in the bootloader, since there's no keyboard. You could use the volume toggle to cycle through letters or numbers, but this puts this option far past a 'trivial' change to the SPL code. This may be why Google didn't include the option in the beginning.
theslam08 said:
Maybe a petition to google to set forth this new option then?
Because I was thinking the same thing...our laptops can do it, because duh, if someone steals your lappy they could just wipe to get the hardware so we can put a BIOS password so even thats impossible.
Our so 'open' phones should follow suit...please google, read this. It would be a fantastic option, that way its rendered completely useless to anyone that steals it and is smart with them (aka anyone reading these forums ).
THANKS
Click to expand...
Click to collapse
A computer bios password only keeps people from changing bios settings. They can still format the hard drive.
bubbahump said:
I've been thinking of how to 'secure' my phone's data again since I unlocked the bootloader... but this would be the way.
The feature request goes like this: Password protect the bootloader both for fastboot and getting into recovery (the option to start recovery should be password protected). A wipe is required in order to reset the password.
An additional and optional theft lock (along the lines of what the OP wants) would disable the password reset/wipe feature altogether, essentially bricking the phone if the password is unknown. Not exactly what I want (I just want my data to be safe), but should be easy enough to add both options if we have the code and can flash the SPL.
Obviously this is going nowhere if we can't flash the SPL, but there's no harm in putting this out there for Google to include in the next signed SPL.
Everyone should realize that unlocking the bootloader essentially puts all the data on your phone out there for anyone to grab without a password, given that they know a few things about fastboot/recovery. This is likely why Google forces a wipe when you originally unlock. We 'unlockers' should be given a way to get that security back.
Click to expand...
Click to collapse
This would be really great... an idea, if ever possible, to overcome the bricking phone by password being lost, is somehow emailing it to the registered google account... or maybe sending an sms to a known phone number that was registered before...
dalingrin said:
A computer bios password only keeps people from changing bios settings. They can still format the hard drive.
Click to expand...
Click to collapse
Actually you can set an ON-BOOT password, which will prevent it from being booted at all without the password. Unfortunately, it is not that great a security measure, since you can just reset the BIOS using the jumper on the motherboard. Also, every BIOS manufacturer leaves a backdoor in case of forgotten passwords, just do a Google search for BIOS DEFAULT PASSWORDS.
But, the main thing to remember here is that we do not have a keyboard, and very limited buttons to use. So, what are you thinking of using? A combination of buttons (similar to the quick-reboot)? Or, cycling through with the volume/trackball, kind of like on a briefcase/suitcase (argh, imagine the frustration).
The next thing would be the implementation of such an idea.
If the SPL is to be modified to be password protected, we would need to source code - which I don't think is available.
If the recovery is to be password protected, it would need to have immediate access to a rewriteable portion of the internal memory for storage/retrieval of said password (as would the SPL, but first things first - gotta have the source).
A simple qwerty on-screen keyboard and using the trackball to select characters would work fine. Up and down with volume keys or whatever to type in characters is not a viable option for long passwords.
It seems all this would be of no use without the possibility of flashing our own SPL, so I guess this is a bigger task than I thought at first. We all know SPL's have been hacked many times before, so I believe it can be done on the Nexus One too. But, because of the already unlocked SPL opening up flashing heaven, I am not so sure anyone is going to use any time on figuring it out.
This is what we are left with:
1. Find a way to flash a custom SPL. Piece of cake right?
2. Create an SPL with the possibility of adding password protected fastboot/recovery. Protecting boot will probably not be necessary, as it would make it impossible to trace a stolen phone.
Let me comment on the privacy issue: I am not really very concerned about the data on my phone. Of course I would not want all the pictures and videos I have shot to fall into the hands of complete strangers, but I try not to keep secret/sensitive data on my phone. It is not really very difficult to take the sdcard and put it in any other device or card reader to get all the data off of it. All the password protection in the world will never get us around some physical security. (Maybe I should make another request for encrypting the sdcard?)
What I want is to be able to somehow find the bastard(s) that took my mobile and get it back without it being wiped first. Though there is always the risk that they would not get past the unlock pattern and just throw it away right away. Let's just hope they left it powered on within network coverage.
How does Android store Gmail login credentials? Are the information cookie-like (only session information) or is there an actuall password (encrypted or not, doesn't matter) stored somewhere? If the latter than that would be very bad for the security of the Gmail account (most critical apps there are Mail and Checkout). It would probably be a good idea to change the Gmail password as soon as one starts missing his Android phone.
--
One way of increasing the odds to get a stolen phone back would be to flash a custom ROM with an embeded and preconfigured security application that installs automatically and silently after a wipe. Not perfect because a thief could just flash another ROM but there's a greater chance of a device getting wiped than not getting wiped, right?
I guess a password in recovery would add an extra percentage to those odds too.
So much for this request. Someone moved us to Q&A, so I guess this is doomed for now. We'll just have to keep our phone safe.
maedox said:
So much for this request. Someone moved us to Q&A, so I guess this is doomed for now. We'll just have to keep our phone safe.
Click to expand...
Click to collapse
Sorry for the bump. But seriously this is a must.
Any Nexus with unlocked bootloader leaves the internal memory unprotected (All your photos in DCIM folder, etc).
You just need to enter fastboot and flash a custom recovery.
Hello
Well i have a phone that has exactly what was being mentioned in this thread and i have literally tried everything everyone is saying about flashing, etc.
I was just getting used to the fingerprint scanner after setting up my phone and went to add my VPN connection. It seems there is a bug(feature?) where you can not enable VPN connections while using the fingerprint scanner lock screen. Why it would force you to disable a main selling point of the device to use the VPN connects is beyond me...
Aside from how strange the request was I switched to passcode lockscreen protection and was able to add a VPN connection. However, now I can not seem to turn VPN support OFF or to get the fingerprint scanner back ON. The option is grayed out in my options menu with this message "Turned off by Administrator, encryption policy or credential storage"
Any ideas? As a bonus the VPN connect did not even work! It connects perfectly from my S3, but this S5 seems to hate VPNs?
Can't speak to the built-in vpn settings, but perfectly able to use OpenVPN and fingerprint security without any problems.
SOLVED!
quordandis said:
Can't speak to the built-in vpn settings, but perfectly able to use OpenVPN and fingerprint security without any problems.
Click to expand...
Click to collapse
I was just going to post an update saying I solved it by switching to OpenVPN. Updated my pfSense router, setup the server and exported the client file to my OpenVPN app.... Worked!
However, I still was not able to set the fingerprint lock screen back. It turns out you must delete ALL your VPN profiles(the one I had that didn't work) in the settings menu for the option to become available again. Moral is avoid the built in VPN support like the plague if you can and use OpenVPN,
But that would be true anyway OpenVPN is arguably one of the more secure VPN protocols....IPSEC is probably another good one, but with such....umm....not great implementation of it in android OS, always happier to use another very safe and secure alternative....
Fingerprint and VPN on S5
The answer to the original post is that Android requires a higher level of security to store secure access gateways like VPN's that could grant access to entire business data systems. Samsung rates its finger print sensor as medium. Perhaps medium might even be a step too high especially after it was fooled soon after launch with lifted fingerprints on tape and rubber blocks. Its akin to the facial recognition security option of earlier Android models that was bypassed using printed photos held up in front of the phone.
If you want a VPN in your S5, then you will have to forget fingerprint security and go for the higher level pin or password.
If you have made this mistake and ended up in this forum because your fingerprint option is now disabled, then you will have to delete all of the manual VPN's that you have entered. You then need to reboot your phone and re-check that all VPN are now missing because if you have an updated security profile, it may make the VPN profiles hidden and you will only see them on reboot.
Once the VPN profiles are all fully deleted the fingerprint option will return as a medium security.
I agree with earlier suggestions that if you want the fingerprint to work along with having VPN access, then the best option is to setup an OpenVPN connection. It works fine.
Help!
mikecbig said:
The answer to the original post is that Android requires a higher level of security to store secure access gateways like VPN's that could grant access to entire business data systems. Samsung rates its finger print sensor as medium. Perhaps medium might even be a step too high especially after it was fooled soon after launch with lifted fingerprints on tape and rubber blocks. Its akin to the facial recognition security option of earlier Android models that was bypassed using printed photos held up in front of the phone.
If you want a VPN in your S5, then you will have to forget fingerprint security and go for the higher level pin or password.
If you have made this mistake and ended up in this forum because your fingerprint option is now disabled, then you will have to delete all of the manual VPN's that you have entered. You then need to reboot your phone and re-check that all VPN are now missing because if you have an updated security profile, it may make the VPN profiles hidden and you will only see them on reboot.
Once the VPN profiles are all fully deleted the fingerprint option will return as a medium security.
I agree with earlier suggestions that if you want the fingerprint to work along with having VPN access, then the best option is to setup an OpenVPN connection. It works fine.
Click to expand...
Click to collapse
I found this post after I installed FoxFi on my Galaxy S5. I've heard that FoxFi creates a VPN, so I thought this fix might work for me. I uninstalled FoxFi and removed FoxFi's admin access then tried a reboot but I'm still not able to use the fingerprint. Do I need to do a hard reboot? Any thoughts?
Samsung S5 solutions
I'd just like to chime in and thanks to those who suggested the change to OpenVPN. This worked:
1) Deleted current VPN
2) Change screen lock to fingerprint (or whatever you like, I suppose)
3) I changed from PPTP to OpenVPN (I use StrongVPN), downloaded their client app for Android
4) Using their client app, I can now login to VPN using OpenVPN
5) lock screen still functions as normal.
What a pain. So lucky I enabled the Samsung remote before this happened as I got a bug where the phone crashed at the PIN entry screen and I was unable to unlock the phone with the PIN. So, S5 users, do enable "Remote Control" in your settings so you can unlock your phone via internet.
Ken
security certificate
diggory's wardrobe said:
I found this post after I installed FoxFi on my Galaxy S5. I've heard that FoxFi creates a VPN, so I thought this fix might work for me. I uninstalled FoxFi and removed FoxFi's admin access then tried a reboot but I'm still not able to use the fingerprint. Do I need to do a hard reboot? Any thoughts?
Click to expand...
Click to collapse
If you delete/remove the security credentials it will work again. It took me a while just trying everything to get it to work again but this fixed it. You just have to do that after using VPN.
Is there any other way to enable the finger print unlock option?
I use StrongVPN too... and I am in China right now. OpenVPN doesn't work well here somehow (confirmed by StrongVPN support staff), and it would disconnect or get no internet access randomly. I was forced to use PPTP for a more stable connection. I have set up a VPN router using the main account (PPTP now, but I am able to change it to openVPN if I want...but then it won't be stable), and I have an addon account (extra $2 per month) and it can only be PPTP (I won't be able to change it to anything else). Right now I have the addon PPTP account set up on my S5.
Basically I can only use PPTP right now. Is there any other way to enable the finger print on screen lock?
Is it a bug or done on purpose by the manufacturer? Will it be fixed in the near future?
similar problem
Hi. I just bought my S5 around new years, after having iPhone for a long time, so im quite new at android devices. My problem is i've done something so that i cannot activate any kind of security except for a password. All others is greyed out
Do you know how i can make my security options work again? I dont know what i've done, and i would be sad if i had to reset my whole phone just for that...
PhilBxda said:
I was just getting used to the fingerprint scanner after setting up my phone and went to add my VPN connection. It seems there is a bug(feature?) where you can not enable VPN connections while using the fingerprint scanner lock screen. Why it would force you to disable a main selling point of the device to use the VPN connects is beyond me...
Aside from how strange the request was I switched to passcode lockscreen protection and was able to add a VPN connection. However, now I can not seem to turn VPN support OFF or to get the fingerprint scanner back ON. The option is grayed out in my options menu with this message "Turned off by Administrator, encryption policy or credential storage"
Any ideas? As a bonus the VPN connect did not even work! It connects perfectly from my S3, but this S5 seems to hate VPNs?
Click to expand...
Click to collapse
I have the same issue here, I was able to connect once to the VPN... Let us if you find a solution
Brocheuse said:
I have the same issue here, I was able to connect once to the VPN... Let us if you find a solution
Click to expand...
Click to collapse
Hi guys,
Let's put this into context for a minute. Android is assuming that if you're using the built-in VPN functionality of the phone, then it's for corporate use/access. As such, the security on the phone needs to be at a maximum in order to avoid a potential security vulnerability if you lose your phone. If you lose your phone, or if it gets stolen, a malicious user may intentionally access your corporate network via the VPN connection and this can result in some serious issues. Therefore, if you're going to use the BUILT-IN VPN, the the phone requires you to change the lock method to one that is considerably more secure than the fingerprint scanner, which has very easy and known work-arounds and much easier to hack than a PIN or password.
If you delete your VPN account from the system settings, then you will be able to re-enable the fingerprint security on your lock screen. Pretty simple.
If you REALLY want to use the fingerprint scanner along with a VPN connection, you can see if the VPN you want to use supports OpenVPN, as that protocol is not supported by the OS natively, and therefore, there are no security restrictions on the phone to use the app. Alternatively, you can try to find a VPN Client app that doesn't rely on the phone's built-in VPN functionality.
Hope that makes sense....
quordandis said:
Hi guys,
Let's put this into context for a minute. Android is assuming that if you're using the built-in VPN functionality of the phone, then it's for corporate use/access. As such, the security on the phone needs to be at a maximum in order to avoid a potential security vulnerability if you lose your phone. If you lose your phone, or if it gets stolen, a malicious user may intentionally access your corporate network via the VPN connection and this can result in some serious issues. Therefore, if you're going to use the BUILT-IN VPN, the the phone requires you to change the lock method to one that is considerably more secure than the fingerprint scanner, which has very easy and known work-arounds and much easier to hack than a PIN or password.
If you delete your VPN account from the system settings, then you will be able to re-enable the fingerprint security on your lock screen. Pretty simple.
If you REALLY want to use the fingerprint scanner along with a VPN connection, you can see if the VPN you want to use supports OpenVPN, as that protocol is not supported by the OS natively, and therefore, there are no security restrictions on the phone to use the app. Alternatively, you can try to find a VPN Client app that doesn't rely on the phone's built-in VPN functionality.
Hope that makes sense....
Click to expand...
Click to collapse
Thanks for your explanation and yes it make sense, I have a question, I hope you'll know how to fix it: I installed the VPN on my Samsung s5 tablet and it works fine no issues, did the same thing on my cell phone (s5 also) somehow the cell will work only once, if I delete the VPN and restart over same thing works only once... any ideas?
Brocheuse said:
Thanks for your explanation and yes it make sense, I have a question, I hope you'll know how to fix it: I installed the VPN on my Samsung s5 tablet and it works fine no issues, did the same thing on my cell phone (s5 also) somehow the cell will work only once, if I delete the VPN and restart over same thing works only once... any ideas?
Click to expand...
Click to collapse
That is strange and I'm not sure. What kind of VPN did you set up? OpenVPN? L2TP/IPSEC? PPTP? I would contact the VPN provider and see if they can help you troubleshoot. Sorry, wish I was of greater help....
I have the same problem, I installed the openVPN connect app which forced me to switch to password on the lock screen. I then uninstalled the app but that still did not restore the fingerprint option. I checked the built-in VPN and there are none. I can't figure out how to restore the fingerprint option. I hope someone can please help me!
I ask because after installing stock MRA58R the contents of my N6 were still visible in Windows Explorer. So I reformatted userdata & cache, and then used the new NRT 2.0.7 to flash MRA58R again - wipe, no root, no recovery, no no-encrypt, just bog-standard install. The "Encrypting device" appeared for literally a few seconds, and now as it's sitting re-installing my apps from Google I can still see the contents of internal memory in Explorer. No USB debug, just a "Use USB for file transfer".
I have a multi-digit PIN on the phone, set up as part of the initialisation process.
I went through all this because my wife's phone was stolen last weekend and it was a wake-up call for me about my data security.
I'm sure I'm being particularly stupid. Can someone please educate me?
Thanks...
And maybe I'm answering my own question...
The contents are visible to me because I entered the device PIN?
Anyone without the PIN gets to see nothing?
And that includes any access via ADB/fastboot?
But is this any different from a non-encrypted device?
dahawthorne said:
Anyone without the PIN gets to see nothing?
Click to expand...
Click to collapse
It is a method to store data that is only readable with the key used for encryption.
Your pin is something different and is used for access permission of a device.
Thanks, but my understanding is that the device PIN is the encryption key. You can't set encryption without having a device PIN. What else could it possibly be using?
So I guess I still don't understand if having my device encrypted is any better than having a simple PIN-secured unencrypted device. If someone can see my data via bootloader mode or some other back door how secure is it?
If I look at an encrypted file I expect to see hieroglyphics. That's not what I'm seeing here. I see either nothing at all because the device isn't recognised by my PC, or I have full access to the data.
So what effect should I expect to see that is different/more secure than a simple PIN-protected device? What's the actual benefit of encryption?
dahawthorne said:
Thanks, but my understanding is that the device PIN is the encryption key. You can't set encryption without having a device PIN. What else could it possibly be using?
So I guess I still don't understand if having my device encrypted is any better than having a simple PIN-secured unencrypted device. If someone can see my data via bootloader mode or some other back door how secure is it?
If I look at an encrypted file I expect to see hieroglyphics. That's not what I'm seeing here. I see either nothing at all because the device isn't recognised by my PC, or I have full access to the data.
So what effect should I expect to see that is different/more secure than a simple PIN-protected device? What's the actual benefit of encryption?
Click to expand...
Click to collapse
Ill be honest. Your device is only as secure as the person that steals it. No amount of security has been 100% proven to prevent the data being attainable if they have access to the device its self. While I am not saying the average thieve will be bale to do it but, then all they care about is the device and end up wiping the device and reselling it without a care about the info inside it.
dahawthorne said:
Thanks, but my understanding is that the device PIN is the encryption key.
Click to expand...
Click to collapse
That wouldn't be a good encryption, you usually need at least 256 bits to encrypt a volume. The pin is only to unlock the encryption key that's stored on a separate partition. Also to unlock the phone.
If you stick a USB cable into a phone that's on, it switches to USB charging mode by default, so you need to unlock it to change it to MTP or Camera. If you want to connect as USB debugging, you first must allow the new computer's fingerprint to connect, so you need the pin to unlock the phone again.
If encryption is used correctly, then you must enter your pin to resume boot. But you can just set MTP as default connection in a custom ROM, build it as userdebug that doesn't require ADB fingerprint, and set pin for unlocking lock screen only
Thanks, people. It looks like encryption is pretty well pointless then if any Tom, **** or Harry can just install a new ROM or recovery and get access to the data... Burning my battery for nothing but a lot of security hot air...?
Speaking of which, I've just rebooted my phone and despite having checked the "Require passcode to start Android", which actually did work at least once (meaning I had to enter a PIN 3 times, for Android, SIM and device), this time there was no Android challenge, only SIM & device.
This security really isn't up to the job at all.
That is incorrect. With out knowing the key, as long as you select require pon at boot, the only thing they could do is reformat your phone and continue using it. No matter what, the key to your data is needed to access it.
dahawthorne said:
Thanks, people. It looks like encryption is pretty well pointless then if any Tom, **** or Harry can just install a new ROM or recovery and get access to the data... Burning my battery for nothing but a lot of security hot air...?
Click to expand...
Click to collapse
I really don't get where this comes from?!? It's a very serious security measure, and it's really not its fault if people dynamite holes into the phone's security like using userdebug builds, and having custom recoveries.
The point is, you have to decide if you want a phone open for modding and to use to store sensitive data on it. There isn't a system that really can accommodate both.
But if you don't have any sensitive data on your phone then encrypting is really pointless.
Thanks again, guys.
@scryan - "select require pin at boot" - does this mean the "require PIN before starting Android"? This is what I mentioned I had but now I don't. An extra layer of security disappeared for no reason I can think of, and I see no option to switch it back on, since the only time it was offered to me was during the initial setup. I still have SIM lock and device lock, but more is better, no?
@istperson - I get the trade-off between security and flexibility. I would consider my photos, for example, to be secure data - even if I'm happy showing them to people I know, I don't want strangers poking around in them.
So bottom line - I still see no argument that says that encryption provides something that the PIN doesn't. How exactly is a PIN-protected encrypted phone more secure than a PIN-protected unencrypted phone?
Edit: I found the "require PIN on boot" option in one of the security tabs, and it appears to work. Back to 3 levels of security, but still in the dark about encryption benefits.
dahawthorne said:
So bottom line - I still see no argument that says that encryption provides something that the PIN doesn't. How exactly is a PIN-protected encrypted phone more secure than a PIN-protected unencrypted phone?
Click to expand...
Click to collapse
If they hit you on the head, take your phone, tear it apart, and remove the sdcard, it won't be readable because of the encryption. If it's unencrypted they can access every data.
But don't store naked selfies on you phone. or in the cloud, then you're safe.
Also the pin to boot doesn't go away by itself without tinkering. Go back to Settings/Security and switch on the Require pin to boot, or whatever it's called.
Basically encryption is how the data is stored on the device. Instead of the normal readable format, its scattered all around in a pattern that requires a key to calculate how to put it all back together.
When you computer goes to read a file, it pulls out a chunk of data, looks at what the right pattern is, then ignores the pieces it doesn't need.
When you phone is running you dont see any of this, because your phone is always in the middle decoding.
If I tried to access your data by circumventing the OS and its checks, all I would see was scrambled randomness.
Decent little wiki entry from arch linux
https://wiki.archlinux.org/index.php/Disk_encryption#How_the_encryption_works
Its more aimed at computers, but its the same thing...
"it won't be readable because of the encryption."
That I understand - thanks. I suppose I was just a bit uneasy because it seems a bit too simple to get in, but obviously tinkering with my own device is far simpler than tinkering with someone else's.
I'll put this one to bed now. I'm very grateful for everyone's patience in answering my questions.
So a few weeks ago I would restart the note and have it start up at the normal lock screen rather than the decrypt screen. I corrected it by changing the password requirement to none, restarting, and back to password. A few weeks later, it's no longer asking for the decrypt password again, and changing the password requirement isn't working this time. I've also noticed the encryption option under "other security settings" is missing. Does anyone know if there's something wrong here?
I just noticed I have the same issue. For the last few weeks when I reset my phone it hasn't been prompting me to decrypt the phone, so I went looking for the settings, and there is nothing there. I searched for encryption in settings and it says no results found, I even checked developer settings. What is going on?
I having the same problem.
I have the same issue. The encryption option is completely gone! What the hell is going on?
Has anyone figured out how to find the encryption settings? I just updated my TMobile Note 5 to 7.0 and I seem to have lost encryption. This is a huge problem as my work email policy requires it, and I can no longer sync emails or calendar appointments. ?
i found the device is encryped and the setting is in "lock screen and security" under "protect encrypted data" it says the device is encrypted etc...
wowow123 said:
i found the device is encryped and the setting is in "lock screen and security" under "protect encrypted data" it says the device is encrypted etc...
Click to expand...
Click to collapse
The "protect encrypted data" doesn't show up under that menu for me. Going to wipe the phone and try again. That's all I have left at this point.
Hi. I was having the same problem (when restarting there was no encryption password required and no "protect encrypted data setting). I found what I needed under "secure startup." With this activates my phone now asks for the password before decrypting the data.
It works, thank you!!
Hi everyone,
so my issue is simple, yet I don't know what to actually do.
After a recent update via Google Play of some applications (i think that's the main problem), my draw pattern (a correct one) is not recognized by the phone anymore. Whatever I do, my Lock Screen doesn't recognize my correct pattern and lock itself from 10 seconds to 5 minutes depending on how many times I've tried to open it. Even my fingerprint is not recognized (altough as far as I remember, it never is when my phone boots for the 1st time, as pattern must be validated first).
My phone becomes unusable, as it can't unlock. The only 2 options I have are "Emergency call" or "Forgotten password". The latter option just says I have to Wipe Data Format which is not an option for me, as I have important things on my phone.
What solution could I apply, so I can unlock my phone WITHOUT having to delete my data :/
Important to note:
- It's not a problem from screen protector (I've removed it..)
- Generally I was using the option for invisible draw pattern, thus no one sees what I draw as extra protection (maybe it could be part of the problem now after some updates of random apps).. but obviously is working
- My SIM code is still accepted and it's fine, so not everything was Reset for whatever reason, as it's not 0000..
- My phone is updated to the absolute latest version available via OTA and nothing else was added or done
- I didn't use 3rd party Lock Screen other than the one included with the Xiaomi 11T Pro from the system
- I was using Bitdefender (which was not updated when the problem occured), which has the option to randomize pin for applications only (not pattern)
- I've also made the battery drop and the phone to turn-off and left it like that for 2 days to see if it will somehow reset/remember my pattern, but nothing..
I read so many guides online from Google and all seem are promoting some sketchy software which I dont want to risk with unless it's 100%.
Model: Xiaomi 11T Pro 5G 256GB 8GB RAM with Miui 14 (European version)
Thank you Xiaomi friends!
Weird that updates on the playstore have created this problem.
Not much to do, security issue.
NOSS8 said:
Weird that updates on the playstore have created this problem.
Not much to do, security issue.
Click to expand...
Click to collapse
Well, I see no other reason for this to happen. Doubt someone hacked me, altough at that time I was using Public wifi in a hotel. It can't be Bitdefender as well I think to scramble my pattern and I've remotely removed it. I've read that maybe if in my pocket the wrong pattern was entered by accident many times, that it will reset, but it makes no sense to me. I'm using latest versions of MIUI and standard apps (not using any unknown ones), everything is from Play Store, as I really can't imagine what issue could be, but for sure I would like to enter without deleting my data :/
Never seen or had this problem and it may be Bitdefender that caused this problem.
No solution without deleting your data.
NOSS8 said:
Never seen or had this problem and it may be Bitdefender that caused this problem.
No solution without deleting your data.
Click to expand...
Click to collapse
I was thinking the same, but remembered that LockScreen for Bitdefender was disabled way before that. It was not working for the official Xiaomi LockScreen to scramble anything (especially pattern) as I choose which apps to lock and it was not working on it. It does it only for applications which I've selected and with pin numbers :/ Also I've remotely removed the app support via their Center which means that even if that was the problem (for some unknown reason turned ON lets say), it should not be valid now. Also it was not updated via the last moment I had it working , so for sure it's not this the problem unless someone hacked Bitdefender via my profile, which should be valid also for my 2nd Xiaomi phone, but there I have no problem and it seems very unrealistic scenario for me :/ Also if it was true, they can't change my pattern or pin via website. Problem is somewhere else, as I remember, most were some Google and Xiaomi apps that got updated which I even usually don't use like Auto. I really look for some way to unlock it or somehow make my phone "remember" the correct invisible pattern :/ of course to delete everything would be most easy but that should be last last resort for me :/
Try here to see if the password or account is still the same and works.
NOSS8 said:
Try here to see if the password or account is still the same and works.
Click to expand...
Click to collapse
I didn't register Xiaomi Account when I took my phone, neither it has such, I don't have Xiaomi Cloud or account, I just have Google account in order to use Google Play :/
Is your bootloader unlocked? If yes, try boot a twrp a12/a13 for 11t pro, see if you can retrieve your data using that.
If you're not unlocked, wipe/format data is your only option. Either from recovery or your google account
x3r0.13urn said:
Is your bootloader unlocked? If yes, try boot a twrp a12/a13 for 11t pro, see if you can retrieve your data using that.
If you're not unlocked, wipe/format data is your only option. Either from recovery or your google account
Click to expand...
Click to collapse
As far as I know it's not unlocked/rooted or anything as it's brand new phone I bought in November. So in such case, whatever I do or read from sketchy apps/websites/videos, I should not trust and it's 100% impossible to unlock it or recover my data in any way? In general I can open the notification to turn Wifi on/off, etc, but I can't view messages for example, so just very basic things
Hackera93 said:
I didn't register Xiaomi Account when I took my phone, neither it has such, I don't have Xiaomi Cloud or account, I just have Google account in order to use Google Play :/
Click to expand...
Click to collapse
Interest to have a Xiaomi account:
Ability to locate the phone and erase data in case of theft or loss.
Cloud Backup:
Sms, Calls, Mms, apps, password, bluetooth, etc..
NOSS8 said:
Interest to have a Xiaomi account:
Ability to locate the phone and erase data in case of theft or loss.
Cloud Backup:
Sms, Calls, Mms, apps, password, bluetooth, etc..
Click to expand...
Click to collapse
I am privacy concerned about Xiaomi in general, so that's why I try to minimize services used by it. I have the ability to locate and erase data with BitDefender and Google as well, but that's not an issue at the moment. I can do it, but won't do me any favor. Also Xiaomi Cloud is the last place probably someone would want his private information stored from the hundreds available free alternatives, also is limited to just 2 GB as far as I remember by before, which indeed is useful for SMS, but nothing else. I dont see a reason to use it , neither why would my phone do unnatural things. I worry that this issue will repeat, so yes, backup is always worth to have, but I couldn't imagine I will need it so soon and that it will be for such unlogical reason which none of us seem to know what's the problem which really frustrates me and makes me rethink in general the use of Xiaomi, as such random events happening should be a red flag
Hackera93 said:
Hi everyone,
so my issue is simple, yet I don't know what to actually do.
After a recent update via Google Play of some applications (i think that's the main problem), my draw pattern (a correct one) is not recognized by the phone anymore. Whatever I do, my Lock Screen doesn't recognize my correct pattern and lock itself from 10 seconds to 5 minutes depending on how many times I've tried to open it. Even my fingerprint is not recognized (altough as far as I remember, it never is when my phone boots for the 1st time, as pattern must be validated first).
My phone becomes unusable, as it can't unlock. The only 2 options I have are "Emergency call" or "Forgotten password". The latter option just says I have to Wipe Data Format which is not an option for me, as I have important things on my phone.
What solution could I apply, so I can unlock my phone WITHOUT having to delete my data :/
Important to note:
- It's not a problem from screen protector (I've removed it..)
- Generally I was using the option for invisible draw pattern, thus no one sees what I draw as extra protection (maybe it could be part of the problem now after some updates of random apps).. but obviously is working
- My SIM code is still accepted and it's fine, so not everything was Reset for whatever reason, as it's not 0000..
- My phone is updated to the absolute latest version available via OTA and nothing else was added or done
- I didn't use 3rd party Lock Screen other than the one included with the Xiaomi 11T Pro from the system
- I was using Bitdefender (which was not updated when the problem occured), which has the option to randomize pin for applications only (not pattern)
- I've also made the battery drop and the phone to turn-off and left it like that for 2 days to see if it will somehow reset/remember my pattern, but nothing..
I read so many guides online from Google and all seem are promoting some sketchy software which I dont want to risk with unless it's 100%.
Model: Xiaomi 11T Pro 5G 256GB 8GB RAM with Miui 14 (European version)
Thank you Xiaomi friends!
Click to expand...
Click to collapse
Weird!! It even happened to me today, all of sudden my daily unlock pattern isn't working. Even I need the data in it
prithvi9679 said:
Weird!! It even happened to me today, all of sudden my daily unlock pattern isn't working. Even I need the data in it
Click to expand...
Click to collapse
Hey, also on 11T Pro? And after update?? Do you remember last things that happened before it "forgot" the pattern? And was it also the invisible type of it? Tell more details, maybe we can get some common points and maybe some solution could be found hopefully :/
Yes on Xiaomi 11T Pro, received miui 14 a week ago. It just randomly happened yesterday as my fingerprint is not detected it asked me to draw the pattern. When I drew it doesn't allow me into phone even though the pattern is correct. For me the pattern is VISIBLE.
did you activate usb debugging? and at least once connected with your pc?
then you can get your files with XIAOMIADBFASTBOOTTOOLS.jar
that's the only option you have left before deleting everything on your phone.
ricos1995 said:
did you activate usb debugging? and at least once connected with your pc?
then you can get your files with XIAOMIADBFASTBOOTTOOLS.jar
that's the only option you have left before deleting everything on your phone.
Click to expand...
Click to collapse
Indeed, it is necessary to have activated the USB debugging and to have already used this program so that the authorization is granted.
Anyway, nothing about this program will remove security or be able to recover data.
NOSS8 said:
Indeed, it is necessary to have activated the USB debugging and to have already used this program so that the authorization is granted.
Anyway, nothing about this program will remove security or be able to recover data.
Click to expand...
Click to collapse
yes it can "recover data" but not reset or change the passcode
ricos1995 said:
yes it can "recover data" but not reset or change the passcode
Click to expand...
Click to collapse
Nope, there is no such option and even if it existed, this data is encrypted.
NOSS8 said:
Nope, there is no such option and even if it existed, this data is encrypted.
Click to expand...
Click to collapse
forgot it was encrypted
Guys, do you think it's worth to wait for some "miracle" to happen? It seems it's some bug that happens to other people too and hopefully Xiaomi takes action. Maybe if I can get update in background, might get fixed without the need to Wipe data?
PS: I did use before USB Debugging, but from the Settings. I dont know how to turn it remotely from the computer. I also have installed ADB, but I'm not sure how to debug it as it doesn't detect my phone now :/ The XIAOMIADBFASTBOOTTOOLS.jar I havent used.