[Q] Is Remote Locking Secure? Possible to Remote Encrypt? - Android Q&A, Help & Troubleshooting

I love the convenience of not having a lock screen, and I don't want to give that up. I have a setup on my phone (T-Mobile Galaxy SII - SGH-T989) with Android Lost, TrustGo, and Prey, each offering remote lock/pin setup functions. This is obviously not 256-bit+ encryption, but it should prevent the phone from being accessed by most.
Then I saw a CNet article entitled "How Apple and Google help police bypass iPhone, Android lock screens," (can't link, <10 posts) detailing the fact that the Google and Apple may disclose your PIN info if requested by law enforcement. Is my method of remote securing a lost, stolen, or seized device inherently flawed? Would Android have access to both my Lock Screen PIN and my chosen encryption password, or just the Lock Screen PIN?
Ideally, I would be able to fully encrypt the device, but have it prompt for the encryption password upon boot. That way, I can remotely shutdown the device through Android Lost or Automateit (SMS "prompt"-->shutdown rule setup), and the device would be fully secured.
What I will probably do is this: encrypt with PIN/Password different than Lock Screen, set Lock Screen time to max (only 30 minutes, which sucks), and disable the power button auto-lock. Can I extend the lock screen time to 2 hours+?
Suggestions?

Related

[Q] Screen unlock / security

I'm currently using my Vibrant for work. In order to connect to corporate email I am required to have security protocols in place that requires me to enter in an alpha-numeric password containing 8+ characters every time I wake the device. As you could imagine is it a real pain to plug in the lengthy password every time I want to use my phone. If I disable the security, my email will not allow me to connect to corporate. What would be great is if there was a way to use the pattern lock, and a correct input on that would plug in my alpha-numeric password automatically and unlock the screen so I would not have to type it every time. Does anyone know if this is possible?
Open a notepad app , type password and copy / paste .
Sent from my SGH-T959
If my work required that, and required me to read work email on a mobile device, they would be supplying said device to me.
How are they tying the email to the unlock wake on your vibrant?
Sent from my Samsung Galaxy S - powered by Team Whiskey™
As far as I know there isn't a way to do that, someone with more knowledge may be able to shine a different light on this. However, over in the Evo 4G area, there is a thread that talks about how to modify the Email.apk so you don't have to enter in a password or PIN (and it works quite well). Just keep in mind, you are the one responsible for your own actions if you get caught breaking your company's security policy.
jbeez, it is through a security profile that is pushed to the device before the initial sync occurs. The profile becomes basically a device admin and sets policy that you have to use a PIN or password to unlock the phone. It can also allow them to wipe the phone if they want. It can only do this if you agree to it. If you don't agree, you don't get mail.
Thanks for the replies folks. The local client on the device contains the security parameters. Would be nice if there is a way to script something to plug in the password automatically without having to type it. Maybe if the keys were bigger, but that does not help with having to plug in an 8+ alpha-numeric pw every time.
Take a look at this...I mean at the security removed gtab email. It might help.
http://forum.xda-developers.com/showthread.php?t=988902

[Q] Question about lock screen pin with Exchange setup

Hi Guys,
Well i hope this is not a dupe post, however ill give it a shot.
So i have my new Android phone that is setup with Exchange syncing from work. There is a PIN number that is forced onto my phone which is ok, however coming from an iphone they had a really neat feature where i could set the timeout on the PIN to say 15mins, then anytime i used my phone during that time i didn't have to enter in the PIN. This was ok with me. However since moving to Android, it seems that when i set the PIN and the screen lock feature to say 2 mins (so the screen will turn off quickly) when i wake it up the phone asks me for a PIN. It is starting to get quite annoying.
Now before you all jump on the security bandwagon, i want to first say i am happy with having to enter the PIN, however i was wondering if there is an app or solution out there that could make it similar to the way the iphone handles the PIN timeout.
I am using a carrier supplied phone, so no rooting or hacks have been done to the phone yet.
Does anyone currently know if there is any way to add in the PIN timeout feature (or whatever it may be called) so that when i wake my phone from sleep within a certain time, the PIN will not be asked until that timer has been met?
The apps i have seen do NOT work when exchange sync is enabled.
Any help would be really appreciated.
cheers
Hi guys,
Just wondering if anyone has any suggestions on my question?
Thanks.
There's a version of email with the security requirement disabled. This would allow you to set your own password requirements and screen time out.
Where could I find this replacement email app?

[Q] Blackberry-style lock-out prevention app?

Hi All,
My company's email policy automatically resets and wipes the phone if the lock screen password/code is entered incorrectly five times. This is a rather bad situation for those of us with young kids around that may get a hold of the phone and indiscriminately press buttons.
I have heard that blackberry devices have a simple solution for this: after two incorrect lock screen password/code entries, the device requires you to enter the word "blackberry" before additional password/code entries may be attempted. This is a brilliant defense against toddler attacks that in no way undermines the security of the lock screen.
Do you know of any way to get similar functionality on an android lock screen?
Thanks in advance for taking the time to read this and for any guidance you can provide.

Secondary screen lock - "SONY" - how do I remove?

Build Number 23.4.A.1.200
I've recently updated my Z2 to the above build number. Around the same time, I also added an Exchange account through my work that forces a 6-digit PIN and encryption of the phone's contents.
I find the 6-digit PIN unlock is annoying as it is because I'm used to the pattern unlock... but I've noticed that every time I type the PIN in wrong the first time, the secondary screen (pic attached) comes up and I have to type the word "SONY" (only works in upper case too!) before I can reattempt the PIN again.
I've tried to search around online but can't seem to find anything at all about that screen...
Does anyone know how to remove this secondary unlock screen so that I don't have to type "SONY"? It pretty much means I have to unlock my phone with two hands. I'm not sure if it's part of the firmware update or whether it's a security setting forced by my company policy via the Exchange settings.
I believe the purpose of the screen would be to prevent accidental entering of the PIN 5 times, for example, while it's in my pocket and subsequently causing the phone to wipe the contents.
Appreciate any help... thanks!

Unlock Redmi Note 4 without losing data

Hi!
I had put a password on my Redmi Note 4 so my son doesn't play games on it. I usually use fingerprint or text password which I remember. However, I'm not sure what password I entered and now I've forgotten it. Now as the phone starts it is asking for the password and now it is locked. I can send some pictures of the screen for your reference (do advise how i can send these). When I try forgot password it just prompts me to the screen saying data will be erased etc...
I have important documents, ebooks, pictures and contacts on the phone which I need. Please advise if there is some way by which I can unlock the phone or at least backup all the data on the phone and then erase it.
Your help will be much appreciated.
Best regards,
Sudeep
Starting with Android 5 Lollipop there’s no built-in way to simply reset your pattern, PIN, or password and gain access to your phone or tablet. This does help provide additional protection to your data, attackers have no way of bypassing the passcode unless they actually know it.
The one and only possible solution to unlock: If you've set up Smart Lock on your phone and have it automatically log in when it’s on your home Wi-Fi then you can take your phone to that home Wi-FI network and it will automatically unlock for you, even if you can’t remember the normal unlock code.
If the phone runs Android 4.4 KitKat and older it has an integrated way to bypass your pattern, PIN, or other password if you forget it. To find this feature, first enter an incorrect pattern or PIN five times at the lock screen. You’ll see a “Forgot pattern,” “forgot PIN,” or “forgot password” button appear. Tap it. You’ll be prompted to enter the username and password of the Google account associated with your Android device.

Categories

Resources