Nowadays, does encryption password size really matters on a security perspective?
Brute force or other methods still breaks device encryption? If so, how to stay safe?
Device is a Galaxy Note 8 on Android 8, but this is a relevant topic to every device.
Related
Hi,
I have CM10 running on my rooted Galaxy Nexus and I just enabled the disk encryption. However, I can't find any options what happens after a few failed attempts? I would like to reset and wipe my phone so that it will be usable, but without any of my data. Cerberus is flashed, so I think I'll have a better chance at recovering my phone if it's usable and not completely locked.
I have set a profile with tasker + secure settings to shutdown after 3 failed PIN attempts (which is different than the encryption password), so I should be save there and a thief would be forced to guess my much safer encryption password.
I know that I can do it with cerberus, but only manually.
Bonus point: Is there any possibility to use a pattern instead of a PIN for the display lock? It's unavailable after encrypting..
Nobody?
Hi,
I just bought Samsung Galaxy Note 3 and want to setup it like my old Galaxy Nexus. Also I want to stay with fully stock ROM for a while so I need to perform everything without root.
I need encryption set on my phone. Problem was that for some reason Samsung ROM does not allow PIN unlock on encrypted device. Password wasn't convenient so I searched for workaround for this.
Solution was to install Tasker+Secure Settings and change lock type to PIN just once. Everything was perfect, PIN lock was set permanently. BUT, when I rebooted the phone I wasn't able to decrypt storage with old password. My device can be only decrypted with new PIN now.
How the hell that could be? I believed that when I set encryption password it will be used for decryption. Obviously for me now, it's not.
My question is: what encryption key is used for data decryption in Android? You can change password or PIN and decrypt device with it easily. In other words: what data (encryption key) should be hacked in order to decrypt the phone and where is it?
Hi all,
after getting my new 99 € Fire HDX 7" and managing to root it, install Safestrap and the Nexus ROM, I am now somewhat worried about the security of the device in case it gets lost or stolen. Let me explain:
Among other apps with personal data I have my email account installed on the device, so anyone getting access to it can easily get into my ebay/paypal/amazon/whatever accounts using the forgot-password functionality of those web sites.
What one would do on a stock kindle in order to prevent this: use an unlock PIN for the screen and disable ADB. That should be sufficient, I guess, as I don't see what additional security there should be in enabling encryption except that someone could physically remove the flash chips from the device (but that risk I'm willing to take, as I don't deem my data sensitive enough for someone to go take the device apart).
Now how is the situation once Safestrap and the Nexus ROM are installed? I can still disable ADB in the settings, but on every reboot the Safestrap screen gets displayed and a thief can easily get into the Safestrap recovery and browse the files from there. Would it be possible for him to export files from there, reset a ROM to remove the PIN or do something else to get access to the system?
If so, would it be possible to enable encryption on the Kindle HDX to prevent this? Or would encrypting not work with Safestrap or even brick the device?
Hi all, i see that many roms are for decpryted devices only. I never understand what dectyprion is.
How i can see if my device is decrypted? Which are the benefits? Can i switch from decrypted to encrypted every time that i want? How i can do that?
Here is some information on what encryption is:
Encryption Overview
https://source.android.com/security/encryption/
File-Based Encryption
https://source.android.com/security/encryption/file-based
Full-Disk Encryption
https://source.android.com/security/encryption/full-disk
It seems that some of the problems posted on 13 updates are because encryption was lost from 12 to 13. Fingerprint sensor, write to SD, Android Auto, PIN lost ect. I can not prove it but makes sense.
Recommend going to Settings, Security, Encryption & credentials. Any certificates or keys should be backed up. For safety backup all your data.
If your posting a bugs for 13 PLEASE give device model, root-noroot, ect.