Cannot change encryption password on Android Pie anymore - Android Q&A, Help & Troubleshooting

I wanted to have a separate encryption password and lockscreen pin on my android 9 (Pie) smartphone.
As Google removed the features from "vdc" to set an encryption password on the shell, I started experimenting.
I tried instead to copy the only thing that looks like it could be the password in /data/system/locksettings.db, i.e. "sp-handle". So I changed the PIN (and encryption PIN), then I set back the "sp-handle" entry.
As this did not work, I deleted lockscreen.db.
When I deleted lockscreen.db, I was able to set a new PIN independend on the encryption pin.
But now I cannot change my encryption password anymore!
I tried changing the pin back to the encryption password and then changing to the new password (so the last change would not provide the correct "current password" to a password change API), but it does not work.
So I can currently boot with my current encryption password and login with lockscreen pins I can change as I want, but I do not have an option to change the encryption password anymore.
Maybe I deleted a "this pin applies to encryption as well" flag together with the old locksettings.db.
How do I couple lockscreen PIN and encryption PIN again or how do I change the encryption PIN manually, so I can set a new encryption PIN?
My ROM is lineage-16.0 on a Xiaomi MI A2 device.

Related

[Q] Unsafe certificate protection in Android?

Hi
I've followed the instructions from Nexus offical guide and installed my personal certificate stored in a pfx file (PKCS#12) in my Google Nexus (ICS 4.0.4). At this point I faced a little problem: the new certificate is not listed in "User" tab in "Credentials". It works anyway because I can use it in web pages.
But the big problem IMHO, is the way Android protects your certificates. It only requests the user to set a pattern, PIN, or password to unlock the screen. I'm missing a password-protected access to my credentials like IE does in Windows, for instance every time your certificate is requested by a web site.
Is there a method to enhance security of your certificates in ICS and set a password for accessing certificates storage?
Thank you

[Q] Lock pin file location

So, on previous phones you could simply delete the /data/system/password.key file to disable the lockscreen password. Does anyone happen to know where Samsung has put it?
/data/system/locksettings.db-*
/data/system/gesture.key
/data/system/sparepassword.key
/data/data/com.android.providers.settings/databases/settings.db
fffft said:
/data/system/locksettings.db-*
/data/system/gesture.key
/data/system/sparepassword.key
/data/data/com.android.providers.settings/databases/settings.db
Click to expand...
Click to collapse
Thanks, but,
locksettings.db-* is simply information for what type of lockscreen, it sadly does not hold the value for the lock pin/password you set.
gesture.key does hold the pattern you selected.
sparepassword.key holds the pin you chose for your backup pin from the pattern.
settings.db is just a database for the general settings
I cannot for the life of me figure out where the "password.key" file is. I think Samsung changed this location. But according to the source code, it should be the same location. -.-
I figured it out.
System property, security.mdpp needs to be set to "None" in order for it to use the standard path. I'm not sure where its putting it if that is set to Ready. The smali is hard to follow. But i got it working properly now Thanks!
Hi, my security.mdpp is set to "None" by default but still I get no password.key file. I used Delayed Lock successfully on my Galaxy S4 but it won't work well on my S5 since it heavily relies on that file to also do the unlocking, when another admin is active that requires PIN Lock.
I am looking for an information on how to get back the S4 behaviour referring to that file.
?

Gmail asking for authentication after changing SIMs

Hello,
To recreate issue:
1. Start 2-factor authentication
2. Generate app-specific code
3. Use that to sign into your device
4. Change the SIM
I have two SIMs, and I sometimes switch between them. The issue is that once I do so, it prompts for the password. I then have to create a new app-specific password using my computer to access GMail.
Is there any way to fix this bug? If so, how can I do it?
I appreciate any help.

How to set different Passwords for device encryption and lockscreen?

Today i encrypt my rooted stock Xperia z5c 32.2.A.5.11 Marshmallow rom. I set a pin code for lockscreen and this pin is now the same for the device encryption. Those two are bound together due Sony limitations. Because of security reasons and for simple use i want a password for disc encryption and a pin for the lockscreen.
I tried the Apps "snoopsnitch" and "cryptfs password" to change the disc encryption password but this results in an password error in the encryption screen. The device can't decrypt at boot.
The terminal command
su vdc cryptfs changepw password [newpassword]
works, but after changing the passphrase the System doesn't recognize them and can't decrypt too. I tried multiple passwords including the translation to hex of them without success.
Does anybody know a solution or got the same problem?
Thx

Passcode Interception

I would like to know if there is a way to intercept the inserted passcode to unlock the phone.
What I aim to do is to detect and read the wrong pattern insertions and leave the default behavior for the sucessfull passcode.
The enviroment could be whatever up to the needed restriction, i dont know if is needed a rooted device or not, btw I would also consider LineageOS solutions.
I've read about DeviceAdminService and DevicePolicyController but can find out anything...
Thanks in advance
:angel:

Categories

Resources