Hey guys
I flashed the factory images last night effectively wiping my Nexus 5 and starting from scratch. I did not restore apps and settings either. After I manually installed a bunch of my apps back and changed around a few settings, I decided to enable encryption. However, I don't think it enabled properly.
First, I had not set a PIN lock on my phone yet at the time.
When I decided to enable encryption and go through the process, it didn't ask me to enter a PIN.
It seemingly completed encrypting the phone. When I go back to the security menu, it says "Encrypted".
However, I am not prompted to enter a PIN upon booting the phone (not talking about the lock screen PIN).
So, it seems like it didn't work but I'm not sure. Has anyone else enabled encryption yet?
and yes, I saw the performance degradation that comes with enabling encryption but I'd rather have the security.
definitely sounds like there's an issue there. Do you have a custom recovery? If so, you could boot into that, pull some data and see if it opens. If it does, yeah its not encrypted.
Not worth mentioning degradation. All encryption always has and always will have performance degradation. It's par for the course
That sounds like a good idea. If it's not encrypted, then I guess the only method is to wipe and reinstall again.
mattkroeder said:
That sounds like a good idea. If it's not encrypted, then I guess the only method is to wipe and reinstall again.
Click to expand...
Click to collapse
I think so. You can't reverse the encryption flag without a wipe I dont think
mattkroeder said:
Hey guys
I flashed the factory images last night effectively wiping my Nexus 5 and starting from scratch. I did not restore apps and settings either. After I manually installed a bunch of my apps back and changed around a few settings, I decided to enable encryption. However, I don't think it enabled properly.
First, I had not set a PIN lock on my phone yet at the time.
When I decided to enable encryption and go through the process, it didn't ask me to enter a PIN.
It seemingly completed encrypting the phone. When I go back to the security menu, it says "Encrypted".
However, I am not prompted to enter a PIN upon booting the phone (not talking about the lock screen PIN).
So, it seems like it didn't work but I'm not sure. Has anyone else enabled encryption yet?
and yes, I saw the performance degradation that comes with enabling encryption but I'd rather have the security.
Click to expand...
Click to collapse
Not sure, but i think it's designed to works just like that, the encryption key is not the PIN anymore but something (random?) that is stored somewhere on the phone.
that would protect the data in case someone tries to read it directly from the phone's memory, but useless if you don;t have a PIN/PASSWORD.
I avoided encryption before for exactly that reason (requiring a password to boot). If I lose the phone I want the person that found/stole it to be able to at least boot it. if the person is not a thief there's a contact number so they can call me to give it back. if he/she's a thief well, as long as it's on I can call it, track it, wipe it. even brick it.
by not being able to boot it, the chances of getting it back are 0 if the battery dies or is dead!
http://readwrite.com/2014/10/28/google-android-lollipop-encryption-issues
there isn't much info out there about it.
kenshin33 said:
Not sure, but i think it's designed to works just like that, the encryption key is not the PIN anymore but something (random?) that is stored somewhere on the phone.
that would protect the data in case someone tries to read it directly from the phone's memory, but useless if you don;t have a PIN/PASSWORD.
I avoided encryption before for exactly that reason (requiring a password to boot). If I lose the phone I want the person that found/stole it to be able to at least boot it. if the person is not a thief there's a contact number so they can call me to give it back. if he/she's a thief well, as long as it's on I can call it, track it, wipe it. even brick it.
by not being able to boot it, the chances of getting it back are 0 if the battery dies or is dead!
http://readwrite.com/2014/10/28/google-android-lollipop-encryption-issues
there isn't much info out there about it.
Click to expand...
Click to collapse
I went ahead and wiped the phone again. I reinstalled lollipop and made sure to enable a lockscreen PIN before I enabled encryption. It seems to have encrypted properly. It prompts me for my PIN at boot up now.
You make a good point about encryption making it more difficult for someone to get a hold of me if I lose the phone though.
Same problem here, with Nexus 5 and Android v5
My work Exchange server enforces a security policy to the phone which forces you to enable encryption. So I went ahead and did that, and the email app is still saying that encryption needs to be enabled. When I reboot the phone I never get prompted for a PIN to decrypt the device, yet in the settings screen it says it is encrypted.
I'm going to have to re-flash. Is it possible the issue is caused by leaving the bootloader unlocked? or is this is a bug?
EDIT: Update. Reflashed, but first thing I did was relock the bootloader and enable a security screenlock PIN, *then* encrypted the phone. Now it's prompting me for a PIN on boot and looks like it's worked. Hope the Exchange email policy stays happy this time, as it worked before for about a day before it complained about the lack of encryption
this worked for me also
I did what was stated below and it worked....
1. reflashed,
2. locked bootloader
3. created lock pin
4. encrypted, THEN
5. added MDM control (MAAS360) and exchange email.
It seems to work OK now.
Thanks!
JoyrexJ9 said:
Same problem here, with Nexus 5 and Android v5
My work Exchange server enforces a security policy to the phone which forces you to enable encryption. So I went ahead and did that, and the email app is still saying that encryption needs to be enabled. When I reboot the phone I never get prompted for a PIN to decrypt the device, yet in the settings screen it says it is encrypted.
I'm going to have to re-flash. Is it possible the issue is caused by leaving the bootloader unlocked? or is this is a bug?
EDIT: Update. Reflashed, but first thing I did was relock the bootloader and enable a security screenlock PIN, *then* encrypted the phone. Now it's prompting me for a PIN on boot and looks like it's worked. Hope the Exchange email policy stays happy this time, as it worked before for about a day before it complained about the lack of encryption
Click to expand...
Click to collapse
mattkroeder said:
Hey guys
I flashed the factory images last night effectively wiping my Nexus 5 and starting from scratch. I did not restore apps and settings either. After I manually installed a bunch of my apps back and changed around a few settings, I decided to enable encryption. However, I don't think it enabled properly.
First, I had not set a PIN lock on my phone yet at the time.
When I decided to enable encryption and go through the process, it didn't ask me to enter a PIN.
It seemingly completed encrypting the phone. When I go back to the security menu, it says "Encrypted".
However, I am not prompted to enter a PIN upon booting the phone (not talking about the lock screen PIN).
So, it seems like it didn't work but I'm not sure. Has anyone else enabled encryption yet?
and yes, I saw the performance degradation that comes with enabling encryption but I'd rather have the security.
Click to expand...
Click to collapse
If you set up a screen lock pin the phone will ask you then if you would like the PIN to be enabled or not at boot.
kenshin33 said:
Not sure, but i think it's designed to works just like that, the encryption key is not the PIN anymore but something (random?) that is stored somewhere on the phone.
that would protect the data in case someone tries to read it directly from the phone's memory, but useless if you don;t have a PIN/PASSWORD.
I avoided encryption before for exactly that reason (requiring a password to boot). If I lose the phone I want the person that found/stole it to be able to at least boot it. if the person is not a thief there's a contact number so they can call me to give it back. if he/she's a thief well, as long as it's on I can call it, track it, wipe it. even brick it.
by not being able to boot it, the chances of getting it back are 0 if the battery dies or is dead!
http://readwrite.com/2014/10/28/google-android-lollipop-encryption-issues
there isn't much info out there about it.
Click to expand...
Click to collapse
Sorry for OT, but how can you remotely brick your phone? Just curious in case I ever need to. Don't live in the best of neighborhoods. I can remote wipe, track, take pics. The normal lost/stolen stuff, but I haven't heard of remotely bricking a phone ever.
Nexus 5 still looking to be encrypted
Only a temp fix---Both my Nexus 7, and Nexus 5 just started asked to be encrypted again....
This is still a problem with Lollipop
thegasmaster said:
I did what was stated below and it worked....
1. reflashed,
2. locked bootloader
3. created lock pin
4. encrypted, THEN
5. added MDM control (MAAS360) and exchange email.
It seems to work OK now.
Thanks!
Click to expand...
Click to collapse
wipe efs partition (I do have a backup on my computer) and the phone is no longer a phone.
Just to be clear, you can enable encryption on Android 5.0, and it will not force you to lock the phone. (Like the PIN screen and boot lock). When you buy a Nexus 6/9 the data partition is encrypted but there's no lock set. The following is from this article;
First, the encryption doesn't help much if you haven't set a passcode. Ludwig said studies have shown that roughly have of users don't set passcodes on their devices, largely because they find it inconvenient to keep entering them dozens of times a day. Lollipop will still encrypt your data, but it will also automatically decrypt it in normal use. So if you don't have a passcode, much of your information will be available to anyone who picks up your phone.
Click to expand...
Click to collapse
So if you've enabled encryption, and gone through the process, you're phone data partition is encrypted. It's just not locked down until you use some kind of phone lock too. BTW, the article goes on to describe the limited usefulness of having an encrypted data partition and no phone lock;
Lollipop's encryption still offers some limited protection even under those circumstances—for instance, by protecting stored data against anyone who tries to read it directly from the phone's memory. That could shield user passwords and other sensitive data from attackers.
Click to expand...
Click to collapse
As to why Exchange policies don't see the phone as encrypted is probably due to another issue.
Setting PIN to be required at startup after encryption possible fix
I now have my Nexus 5 & 7 working with exchange on Lollipop using this-
1. Reflashed Lollipop
2. Let phone reinstall all my apps
3. Locked bootloader.
4. Set a screen lock PIN
5. Encrypt phone
6. Set screen lock PIN to be required on start up (this was missing before!)
7. Installed MDM control via Mass360-all policies look to be met, including encryption
8. Installed my exchange account via Gmail
//code.google.com/p/android/issues/detail?id=79342
Updated thread with solution
---
* It used to be that when I did a reboot or shutdown and restart, I would have to enter a password before the system fully started.
* But now the phone boots into the phone without putting in my password. I can reboot the phone and it will boot all the way to the Lock screen, and I can unlock the lock screen with my fingerprint or my backup password.
* I am concerned that somehow my device is either no longer encrypted or that there is some setting which has stored the boot password.
--
Solution :
For those of you who find they have this problem and have not solved it, I found a solution that works, related to a bug (feature?) in Accessibility.
Apologies if this was suggested further in the thread, and that I'm replying to an old post. But I recently had this problem and figured out a solution.
- Accessibility was enabled and for some reason this cached the boot password. So- when I removed the app (rights) and turned off accessibility, and changed (reset/reentered) the password in security settings... On next boot the phone correctly asked me for password.
YMMV.
subs said:
I posted this elsewhere... But I'm having the same problem. Any thoughts? I can post more details, but don't want to repost this everywhere that I see people having the same unresolved problem.
---
* It used to be that when I did a reboot or shutdown and restart, I would have to enter a password before the system fully started.
* But now the phone boots into the phone without putting in my password. I can reboot the phone and it will boot all the way to the Lock screen, and I can unlock the lock screen with my fingerprint or my backup password.
* I am concerned that somehow my device is either no longer encrypted or that there is some setting which has stored the boot password.
Click to expand...
Click to collapse
Hi, please try not to bump threads almost a year old. I realise that it might have taken you a while to actually reach this thread, but hear me out.
Opening a new thread is always better, since software versions, features and devices are most likely different, along with different device usage habits/users.
You say you're having "the same problem"... as.. who exactly? There's a bunch of different specific "issues" that relate to encryption. Be specific.
For instance, you mentioning fingerprint sensor leads me to presume that you are not using a Nexus 5.
Sent from my Nexus 10 using Tapatalk
I updated my OnePlus One via OTA to Lollipop, however experienced some issues afterwards, why I factory reset the phone (still being Lollipop, however in a clean state).
First thing I wanted to do was to enable full disk encryption.
Having nothing configured so far - not even the lock screen (hence I didn't configure any PIN/pattern/passhrase so far) - I activated encryption.
I didn't get asked for any PIN/pattern/passphrase. After "encryption" finished, the phone rebooted as usual, however *not* showing me any prompt (what should I've entered anyway?) but Settings -> Security -> Encryption now prints "Encrypted".
Since Encryption can't be undone without a factory reset I'm now having a phone which says it is encrypted, but not asking me for anything when powering it on.
My assumption is - although I don't know for sure - that several people configure the Lock screen before and then switching to full disk encryption - let them believe their phone got encrypted.
I hope I'm totally mistaken here, but right now it feels like full disk encryption on my OnePlus One with the official firmware is completly bogus!
Any comment on this is highly appreciated!
[email protected] said:
I updated my OnePlus One via OTA to Lollipop, however experienced some issues afterwards, why I factory reset the phone (still being Lollipop, however in a clean state).
First thing I wanted to do was to enable full disk encryption.
Having nothing configured so far - not even the lock screen (hence I didn't configure any PIN/pattern/passhrase so far) - I activated encryption.
I didn't get asked for any PIN/pattern/passphrase. After "encryption" finished, the phone rebooted as usual, however *not* showing me any prompt (what should I've entered anyway?) but Settings -> Security -> Encryption now prints "Encrypted".
Since Encryption can't be undone without a factory reset I'm now having a phone which says it is encrypted, but not asking me for anything when powering it on.
My assumption is - although I don't know for sure - that several people configure the Lock screen before and then switching to full disk encryption - let them believe their phone got encrypted.
I hope I'm totally mistaken here, but right now it feels like full disk encryption on my OnePlus One with the official firmware is completly bogus!
Any comment on this is highly appreciated!
Click to expand...
Click to collapse
Your phone is encrypted although without a pin or password set it isn't much use. Perhaps a flaw that your phone doesn't ask you to set one up when going through the process (I thought it did). Although initially it was enabled out of the box (with 5.0 - see Nexus 6) but that would mean maybe asking to set up one to when a person first goes through the set up on their phone, which it didn't do (to my knowledge). Also not everyone wants to use a pin/pass to unlock. The security for certain things is enhanced with fde without a pin pass but obviously if it's protected with a password with fde then it should be well secured.
http://readwrite.com/2014/10/28/google-android-lollipop-encryption-issues
Hello,
My phone is protected using fingerprint scans and pin code. I noticed that after several failures the phone is not only telling me that it will lock, but also that it will reset (after 8 failures, or something like that).
I don't see that as a security feature, anyone willing to make me loose a lot of time only have to put his/her fingers 8 times on the button and ... everything is gone in my phone ?
Is this a local security feature ? I mean is it configurable somewhere ? or is coming from a remote policy, or hardcoded somewhere in the phone ?
Thanks.
Did you add your work email? I had this when I synched my work email to my device. Apparently, this is one of the security policies of my workplace.
And yes, I was locked out of my device a few days after I got it. It read my belly as a "fingerprint" unlock attempt, and soon I just saw it was wiping all my data. I was really bummed by that since it took hours for me to set up my device according to my liking. Fortunately, I still had my previous phone and didnt wipe it yet.
Yes, I have a work mail configured. Do you think it comes with security policies ? Because on our other phones (iphone, GS5/6) there is no similar settings put in place to wipe data.
Has anyone else lost the ability to encrypt their Note 5 after the latest update from T-Mobile this month? Cause I have......
Sent from my SM-N920T using Tapatalk
GastonC said:
Has anyone else lost the ability to encrypt their Note 5 after the latest update from T-Mobile this month? Cause I have......
Sent from my SM-N920T using Tapatalk
Click to expand...
Click to collapse
I've lost the option on my Verizon Note 5. Just noticed on a full reboot a few days ago and wasn't prompted to enter my PIN. Menu option is also gone. ???
GastonC said:
Has anyone else lost the ability to encrypt their Note 5 after the latest update from T-Mobile this month? Cause I have......
Sent from my SM-N920T using Tapatalk
Click to expand...
Click to collapse
You should be asking this in the T-Mobile thread because both Verizon and T-Mobile don't have the exact same software since they do not work together and are 2 different companies. The baseband, version and kernel don't even match. My Verizon Note 5 still has the encryption options so I can't really help you here since I don't have T-Mobile.
MrMike2182 said:
You should be asking this in the T-Mobile thread because both Verizon and T-Mobile don't have the exact same software since they do not work together and are 2 different companies. The baseband, version and kernel don't even match. My Verizon Note 5 still has the encryption options so I can't really help you here since I don't have T-Mobile.
Click to expand...
Click to collapse
I may be going blind but I'm not seeing the encryption options. I encrypted my phone (Verizon Note 5) on the day I got it so I may just not remember where I did it. I do get the password prompt on start up but I've got the option to "require password when the phone turns on" set under Lock Screen and Security => Secure startup. didnt encryption used to be under Lock Screen and Security too?
ratman6161 said:
I may be going blind but I'm not seeing the encryption options. I encrypted my phone (Verizon Note 5) on the day I got it so I may just not remember where I did it. I do get the password prompt on start up but I've got the option to "require password when the phone turns on" set under Lock Screen and Security => Secure startup. didnt encryption used to be under Lock Screen and Security too?
Click to expand...
Click to collapse
It's under Settings > Lock Screen and Security > Other Security Settings > Encrypt Phone... However it may be different on the T-Mobile branded phones but I'm not sure.
MrMike2182 said:
It's under Settings > Lock Screen and Security > Other Security Settings > Encrypt Phone... However it may be different on the T-Mobile branded phones but I'm not sure.
Click to expand...
Click to collapse
Yeah, my option is gone per comment above...VZN Note 5. Have seen a few other scattered reports this month. Not sure what is up.
nateinva said:
Yeah, my option is gone per comment above...VZN Note 5. Have seen a few other scattered reports this month. Not sure what is up.
Click to expand...
Click to collapse
That's weird. I have no idea what's going on with that then.
MrMike2182 said:
It's under Settings > Lock Screen and Security > Other Security Settings > Encrypt Phone... However it may be different on the T-Mobile branded phones but I'm not sure.
Click to expand...
Click to collapse
I have a Verizon Note 5 and it is definitely not there. But my phone was already encrypted before the update. I'm wondering if they just quit showing the option after you encrypt it? I don't think you can go back anyway other than by a factory reset. Does anyone with a Verizon phone that is not encrypted have the option? I'm sure my phone is still encrypted because if I power it down then turn it back on, I still get the password prompt followed by "verifying" followed by the decryption animation (the padlock with the circle swirling around it.
I can't believe that they would remove the ability to encrypt. Its been a standard feature of Android for quite a while now. I would not even consider buying a phone in this day and age that can't do it.
ratman6161 said:
I have a Verizon Note 5 and it is definitely not there. But my phone was already encrypted before the update. I'm wondering if they just quit showing the option after you encrypt it? I don't think you can go back anyway other than by a factory reset. Does anyone with a Verizon phone that is not encrypted have the option? I'm sure my phone is still encrypted because if I power it down then turn it back on, I still get the password prompt followed by "verifying" followed by the decryption animation (the padlock with the circle swirling around it.
I can't believe that they would remove the ability to encrypt. Its been a standard feature of Android for quite a while now. I would not even consider buying a phone in this day and age that can't do it.
Click to expand...
Click to collapse
Apparently there's another update available for the Verizon Samsung Galaxy Note 5 from PG5 to N920VVRS3BPI1 and I see Encryption moved back to Settings > Lock screen and security > Encrypt phone..
MrMike2182 said:
Apparently there's another update available for the Verizon Samsung Galaxy Note 5 from PG5 to N920VVRS3BPI1 and I see Encryption moved back to Settings > Lock screen and security > Encrypt phone..
Click to expand...
Click to collapse
Strange. I have the latest update - N920VVRS3BPI1 - and I don't have it.
ratman6161 said:
Strange. I have the latest update - N920VVRS3BPI1 - and I don't have it.
Click to expand...
Click to collapse
I think it's because you are already encrypted that's why.
I have a VZW Note 5 that was encrypted before the update and the feature was removed from settings. I am on the latest firmware ending in BPI1. When I reboot my phone I have to enter my pin, but it doesn't say decrypting, it is just the reboot lock because I use my fingerprint to unlock. I tried contacting Samsung (live chat, phone, twitter, and email), they have no clue what I am talking about (not surprised). One rep told me to go to a Best Buy and talk to a Samsung rep there.... :-/ I just want to know where it went, because it seems my device is no longer encrypted. I find it odd that there aren't any answers to this anywhere...
Has anyone figured out how to find the encryption settings? I just updated my TMobile Note 5 to 7.0 and I seem to have lost encryption. This is a huge problem as my work email policy requires it, and I can no longer sync emails or calendar appointments. ?
Mr_Armageddon said:
Has anyone figured out how to find the encryption settings? I just updated my TMobile Note 5 to 7.0 and I seem to have lost encryption. This is a huge problem as my work email policy requires it, and I can no longer sync emails or calendar appointments. ?
Click to expand...
Click to collapse
Why don't you be smart and at least black your personal email information out?
MrMike2182 said:
Why don't you be smart and at least black your personal email information out?
Click to expand...
Click to collapse
Not much someone can do by simply seeing my work email address (plenty of security measures in place), but good catch.
Mr_Armageddon said:
Not much someone can do by simply seeing my work email address (plenty of security measures in place), but good catch.
Click to expand...
Click to collapse
It's pretty easy to find out a lot of information with just an email address nowadays.. Better safe than sorry.
Hi XDA peoples. I come to you in times of great need, and to satisfy your curiosity.
Recently, my mother enabled biometrics on her discover banking app, specifically face ID. However, this enabled face unlock on the entire phone and, in doing so, set a password for the phone. Note, there was no password or any other authentication on this phone before - completely open device. Now she is completely locked out of the device due to the default security settings requiring a password every 4 hours. Remote unlock is disabled, so there is no hope of that working.
Now, my question is this: is there a password that the device would automatically apply if needed? And if so, does anybody know what it is?
Thanks.
Device is a T-mobile S21+, 8G RAM 128GB Storage.
I appreciate all help.
factory reset from recovery mode + unlock FRP with google account