Related
My company upgraded their exchange server, and now requires lock screens (PIN or password, no pattern) if we want to access email on our personal phones.
As someone with a rooted phone, is there any way to disable this and still have access to my corporate email? It's really annoying to have to punch in a PIN 500 times a day, but I really do need email access on my phone as much as I'm on the road.
I think this has been discussed before, but maybe on a different phone (HeroC maybe) But essentially no there isn't away - to access the server the phone goes through a series of checks, one of the checks being that an appropraite pin was entered to unlock the phone. if that check fails, authentication to the server is denied. Someone *might* be able to spoof the check in the email app, but I am fairly sure its actually OS deep, not just within the mail client.
So it would be a large undertaking and potentially could cause you to loose your job by by passing security measures. I know I wouldn't think twice about firing someone who did it on my network.
No way that I know of, and is something that is on pretty much everyphone. Blackberrys the security policies can even block installation of 3rd party applications.
What's even more fun for you, is the ability of your it staff to lock you out of your phone or even remotely wipe your phone.
Sent from my SPH-D700 using XDA Premium App
Restola said:
My company upgraded their exchange server, and now requires lock screens (PIN or password, no pattern) if we want to access email on our personal phones.
As someone with a rooted phone, is there any way to disable this and still have access to my corporate email? It's really annoying to have to punch in a PIN 500 times a day, but I really do need email access on my phone as much as I'm on the road.
Click to expand...
Click to collapse
I think you are stuck. Do you have the option of getting a company-supplied phone to access the company email, and keep your personal Android separate?
There is a thread in Q&A talking about an app that does this.
Do you BONSAI?
Actually there is a way I had to do it to my coworkers phone for her pattern lock
What u need: locked phone phones #, wifi or u can use wifi tether if u have another phone
1. Call the persons phone #
2. Leave phone call connected on both sides
3. Connect to wifi if u havnt already
4. Goto settings/accounts manager setting or what ever and log into a diff google account then it should require u to change the password to by pass it
Should work hopefully I read this thread correctly and answered appropietly
Edit sorry read it wrong and u don't think there is a way
My way is how u get around it
Sent from my Epic 4.1g bonsai plant
Here's the link to the thread that may help:
http://forum.xda-developers.com/showthread.php?t=1033017
I thought it was just being big brother, turns out its a regulatory requirement since we were bought by a publicly traded company. I guess I'll deal with it. If it pisses me off too much I'll just get rid of my exchange account on my phone and stop responding to emails when I'm not at my desk.
A possible workaround would be to try touhdwn for your exchange mail instead of the default mail client. Its a paid app but there should be a demo version in the market. I have a dp2 for work and they pay for touchdown for us. When using touhdown it pin locks just the app instead of whole phone. On my Droid at least moto customized the screen timeout and lock to be different timers so I found the pin to be less annoying than the interface of touchdown.
With the epics slightly bigger screen to make the TD interface a litte less annoying(lots of small buttons instead of utilizing menu button) and since epics lock is all or nothing I think I might actually use TD on my epic if I were getting my corp email there.
While not a complete removal of the pin maybe it would at least make it less annoying for you. Plus I'd guess if work catches you wihout a pin it might not go over well. TD solution lets you protect the email if you lose your phone, and does have a remote wipe for the same scenario.
First off I take no credit for this at all. All credit goes to Rsotbiemrptson who is a Jedi master for creating this after many have tried and failed.
What you have here is a flashable crack to the HTC Mail.apk that will bypass any and all security administrators that may be otherwise forced onto your device when syncing to an exchange server.
To install:
1. You must remove all mail accounts that you have set up in the Mail app.
2. If you have any existing security administrators present from a previous exchange sync deactivate them.
3. Set your lock time out to none under security settings.
4. Reboot into recovery and wipe Dalvik Cache
5. Flash the attached file.
As with all mods or changes to ROMS do a complete backup in recovery.
If you find this useful please send all thanks to Rsotbiemrptson for cracking this bad boy.
Has anyone tried this?
sdorn77 said:
Has anyone tried this?
Click to expand...
Click to collapse
I don't really understand the point of it. Is there something wrong with Exchange on the Tbolt? Mine works fine.
Shiftyshadee said:
I don't really understand the point of it. Is there something wrong with Exchange on the Tbolt? Mine works fine.
Click to expand...
Click to collapse
This is for people who want to use their Exchange account on their Tbolt, but DON'T want to give their Exchange admin the ability to enforce security policies on their phone (like having to enter a PIN every time you unlock the screen). Sounds like your Exchange admin doesn't implement any of those policies, so you don't need this.
Is this something that was implemented in newer versions of Exchange? I think my company uses 2007 still. Might be why I haven't seen this.
i managed to get my gmail, hotmail an windjammercable mail setup though exchange on my thunderbolt, but i kept getting sync errors where it would try to sync all three emails like every 5 seconds when the phone was operating in peak time. My battery went from like 100 to like 75 in less than 20 minutes So i had to just delete all the email setting i changed an go back to what i had before.
Now, if install your mail akp will this stop the sync errors?
Shiftyshadee said:
Is this something that was implemented in newer versions of Exchange? I think my company uses 2007 still. Might be why I haven't seen this.
Click to expand...
Click to collapse
It's been around since at least the 2003 version but it's all optional settings, your admin may just not have them enabled. Mine doesn't.
Jacquestrapp said:
It's been around since at least the 2003 version but it's all optional settings, your admin may just not have them enabled. Mine doesn't.
Click to expand...
Click to collapse
Gotcha. Thanks for clearing that up for me
This absolutely works on all DAS BAMF roms but should work on any ROM including stock. You only need this if you have exchange policies pushed to your phone by your company. If you don't know what this is you prob don't need it.
I do not know if it will fix the afore mentioned sync errors but I would doubt it.
Here's a new question. When I had CM7 on my Incredible, Exchange wanted to setup device admin rights. Now on my Tbolt with Sense I don't get asked. Any idea why?
madroix said:
This absolutely works on all DAS BAMF roms but should work on any ROM including stock. You only need this if you have exchange policies pushed to your phone by your company. If you don't know what this is you prob don't need it.
I do not know if it will fix the afore mentioned sync errors but I would doubt it.
Click to expand...
Click to collapse
I have installed this on DAS BAMF remix v1.4 and it does work so far. I was able to remove the PIN lock and use a pattern lock, which was not permitted before. Also, I didn't get the exchange security policy notice when I added my exchange account. Syncing appears to be working properly as well so far.
The mod is quite honestly ridiculous. Whats the point of trying to have security setup and protect possible sensitive information, when you don't want an Admin to enforce security rights.
This 100% defeats the purpose that was set in place by Exchange for good reason's. I sure hope everyone understands the SERIOUS consequences of what could happen by flashing this and possibly leak sensitive data into the wrong hands.
^^ it's a very good point. One of the problems with AS and lock screens is that with the default client and iPhones you have to pin to unlock even the phone. Nothing to do with email, just the darn phone. So everyone hates it. I use Touchdown which only requires a pin if you go to check email. But it's $20. Anyway, be careful with hacks that bypass security in a workplace. It could be cause for termination.
I love my phone, I've loved ALL my devices... Yes, I use it for work with MS Exchange email (MS Consultant), and yes the pin/password policies are annoying.
But I'm not about to risk my job over some "hassle" of 3 seconds to enter a pin. Aren't our email Administrators able to see we bypassed this or no?
oc3rulz said:
The mod is quite honestly ridiculous. Whats the point of trying to have security setup and protect possible sensitive information, when you don't want an Admin to enforce security rights.
This 100% defeats the purpose that was set in place by Exchange for good reason's. I sure hope everyone understands the SERIOUS consequences of what could happen by flashing this and possibly leak sensitive data into the wrong hands.
Click to expand...
Click to collapse
To be honest, if someone wanted my data or emails a stupid 4 digit pin is not going to stop them. There are many ways in getting a persons email off of there phone without even unlocking it. This seems like it is for those small companies who's admins are security freaks and its really not needed. Granted, I am sure apple would not be happy if an employee used this app or an android phone lol
Sent from my ADR6400L using XDA Premium App
It is important to keep sensitive data secure. I think a properly set up pattern lock is as good as a 4 digit PIN. I use lookout to be able to remotely wipe if needed.
THANK YOU SO MUCH! Hats off to the dev.
Do I have to remove gmail accounts too, or just the active sync exchange accounts?
Sent from my ADR6400L using XDA App
chriskader said:
To be honest, if someone wanted my data or emails a stupid 4 digit pin is not going to stop them. There are many ways in getting a persons email off of there phone without even unlocking it. This seems like it is for those small companies who's admins are security freaks and its really not needed. Granted, I am sure apple would not be happy if an employee used this app or an android phone lol
Sent from my ADR6400L using XDA Premium App
Click to expand...
Click to collapse
Let them get in hacking your password/pin, you won't be held responsible. However if you have the phone pin/password disabled and they realize this you will be terminated. They will be able to see that you are bypassing security measures, and you could have lawsuit on your hands as well.
Please dont think that I am bashing the dev, I'm simply trying to let people know that they very well could and most likely lose their job and have possible legal action taken against them for using this. Cellphones are such a volatile thing anyhow, but giving them an easier way in is not a good idea, especially not while breaking company policy.
oc3rulz said:
Let them get in hacking your password/pin, you won't be held responsible. However if you have the phone pin/password disabled and they realize this you will be terminated. They will be able to see that you are bypassing security measures, and you could have lawsuit on your hands as well.
Please dont think that I am bashing the dev, I'm simply trying to let people know that they very well could and most likely lose their job and have possible legal action taken against them for using this. Cellphones are such a volatile thing anyhow, but giving them an easier way in is not a good idea, especially not while breaking company policy.
Click to expand...
Click to collapse
Like I said, they don't even Ned to unlock your phone e to read the emails on of. Google it.
Sent from my ADR6400L using XDA Premium App
Anyone know how to set this up I will be letting my girlfriend and kids use my tab so I need to be able to login an out of my accounts to keep mainly my girlfriend out of my accounts like Facebook email thanks for any help
Sent from my T-Mobile G2 using XDA App
You could try an app called Invisible Protector. You can use it to lock your apps, but instead of the app showing up as locked it will show up w/ a FC error, and you can then use several different ways to access the locked app. And the only place the Protector app shows up is in the Widgets list. They also have one (Invisible Protector II) that doesn't show up at all. You have to dial a command to get to the settings.
For example I have mine setup so that when the error pops up it gives me an option to send an error report and in the next field I just enter my password and the app loads.
Sent from my A500 using XDA Premium App
But there is administrator under settings but I can't get it setup
Sent from my T-Mobile G2 using XDA App
That administrator option under settings I believe is to enable administrator features to certain apps - for instance allow a find my phone app to enable the GPS without going through the warning dialog, or enable a wipe app to remotely wipe the entire device's memory without confirmations if you lose it.
Ok thanks that's to bad I would love to have a guest account
Sent from my T-Mobile G2 using XDA App
temekio2000 said:
Ok thanks that's to bad I would love to have a guest account
Sent from my T-Mobile G2 using XDA App
Click to expand...
Click to collapse
Thee is a developer asking for testers for just what you are asking for look in the bottom forum section for apps and themes
http://forum.xda-developers.com/showthread.php?t=1478321
I think this is the thread
Use this with a app lock program.
That being said, there is no 'non-hackish' way to do that. While the kernel supports true multiuser, the rest of the OS doesn't. The Admin stuff in the settings is for locked-down devices integrated into corporate networks (i. e. you're only allowed to use apps approved by your boss and installed by your admin and your device gets wiped if you try to get around it... though it can be made less strict)
I also use an app to lock thing down. Only I know of
Sent from my AT100 using Tapatalk
The lockdown works via certain apps that install security hooks in your device -- basically giving them the ability to remote-wipe the device or do other funny stuff without your consent. The only app I know of that acually uses this is Junos Pulse, used to access Juniper SSL VPN networks (mostly in corporate or university settings), though I guess some of the 'remote admin' capabilities of antivirus tools use the same mechanisms.
The bottom line: Your app may actually use the mechanisms I described in my earlier post. If you want to check, see settings -> location & security -> device administrators.
temekio2000 said:
Anyone know how to set this up I will be letting my girlfriend and kids use my tab so I need to be able to login an out of my accounts to keep mainly my girlfriend out of my accounts like Facebook email thanks for any help
Sent from my T-Mobile G2 using XDA App
Click to expand...
Click to collapse
I noticed this post on the Gtablet site. It looks to do what you are asking for. Read down the the last post on page 1. I have not tried it yet so cant verify whether it works or not.
http://forum.xda-developers.com/showthread.php?t=863073
10 incorrect unlock patterns deletes data? I just viewed this in youtube and now im a bit hesitant. What if the phone was stolen? They can still use it?? How secure is that??
http://youtu.be/jHwQf4-bJzAy
That why you report it lost or stolen
Sent from my HTC One_M8 using XDA Premium 4 mobile app
The video isn't working but that's just stupid if true. What if your friend is ****ing around just trying to lock it and make you wait like on iPhone and there goes all the data
Sent from my HTC One_M8 using xda app-developers app
This is a horrible feature if true, if your phone is stolen the thief can reset it and have a brand new phone like he got it out of the shop
Well by reporting it stolen it would be known to carriers as a stolen phone and the IMEI would be registered
This has already been discussed in depth including the option to disable it. When the security of the data on the device is more important than the device itself, the feature is a wanted/required one. Most people would rather the phone not self destruct though.
http://forum.xda-developers.com/showthread.php?t=2701911
I just tried this on my phone and it didn't do anything. After 5 attempts I had to wait30 seconds and then after another5 it said you incorrectly entered the pattern 10 times and had to wait another30 seconds
Sent from my HTC One_M8 using xda app-developers app
l7777 said:
This has already been discussed in depth including the option to disable it. When the security of the data on the device is more important than the device itself, the feature is a wanted/required one. Most people would rather the phone not self destruct though.
http://forum.xda-developers.com/showthread.php?t=2701911
Click to expand...
Click to collapse
Thanks for the info
After permanenty locked you enter your email and password,
Is this present in every variant of m8? And no way to disable the automatic wiping of data without root? :-/
Sent from my HTC One using Tapatalk 4
vari9 said:
Is this present in every variant of m8? And no way to disable the automatic wiping of data without root? :-/
Sent from my HTC One using Tapatalk 4
Click to expand...
Click to collapse
Unknown, I can only confirm the Verizon variant. It appears to be an android setting though not an HTC centric one.
Mine doesn't show the "delete waring" and isn't resetting anything. My phone is unbranded and stock rom.
Asmund said:
Mine doesn't show the "delete waring" and isn't resetting anything. My phone is unbranded and stock rom.
Click to expand...
Click to collapse
You only really get it if you're using Exchange as email. I never had this "8 tries left before resetting phone" until I added my work email. If you have your work email and this is happening to you it's probably because your work requires that level of security. If you want to avoid it, just don't add your work email. There are ways to bypass it if you root, however some times (depending on admins) your job's IT dept can tell and you may have issues keeping said job.
Kypt said:
You only really get it if you're using Exchange as email. I never had this "8 tries left before resetting phone" until I added my work email. If you have your work email and this is happening to you it's probably because your work requires that level of security. If you want to avoid it, just don't add your work email. There are ways to bypass it if you root, however some times (depending on admins) your job's IT dept can tell and you may have issues keeping said job.
Click to expand...
Click to collapse
My phone is in fact set up for my work Exchange mail. Maybe some security is disabled in the Exchange server settings...
Asmund said:
My phone is in fact set up for my work Exchange mail. Maybe some security is disabled in the Exchange server settings...
Click to expand...
Click to collapse
Yeah I'd bet you anything that's what it is. My previous job used exchange as well but they did not have security enabled. As soon as I moved into my new job I had to set up a pin. It's a choice your employer's IT dept does whether by regulation or just more security-aware.
Kypt said:
You only really get it if you're using Exchange as email. I never had this "8 tries left before resetting phone" until I added my work email. If you have your work email and this is happening to you it's probably because your work requires that level of security. If you want to avoid it, just don't add your work email. There are ways to bypass it if you root, however some times (depending on admins) your job's IT dept can tell and you may have issues keeping said job.
Click to expand...
Click to collapse
Kypt said:
Yeah I'd bet you anything that's what it is. My previous job used exchange as well but they did not have security enabled. As soon as I moved into my new job I had to set up a pin. It's a choice your employer's IT dept does whether by regulation or just more security-aware.
Click to expand...
Click to collapse
Asmund said:
My phone is in fact set up for my work Exchange mail. Maybe some security is disabled in the Exchange server settings...
Click to expand...
Click to collapse
Exchange security can manipulate the settings but it appears to be enabled by default in Verizon's variant.
I was recently asked from a coworker to see if I could retrieve any and all media off of an LG G2 that belongs to a family member of his that has recently passed away. I've got some considerable experience with getting what i want out of all my previous android phones so I was confident it wouldn't be an issue. What i wasn't aware of is the fact that the LG G2 does not have a removable storage slot. Being said I'm entirely stumped given the lockout situation. The phone's currently locked by gmail account sign in from them trying to guess the lockcode incorrectly too many times. Now I do already know how to stock reset the phone, and as nice as that is it doesn't help me get these pictures off the phone before a complete wipe. Anyone have any ideas for me? Thanks in advance.
Well... you could try to enter download mode, flash the same firmware again over the current one, not CSE flash, not doing any resets etc..
It might remove the login..might..
If it's only gmail acc..you should still be able to connect it to pc and browser photos etc.
I've tried to connect to pc, unfortunately the phone wasn't set to mtp mode and I'm unable to change that. Therefore I can't browse the files.
Sent from my SM-G900V using XDA Free mobile app
solos420 said:
I've tried to connect to pc, unfortunately the phone wasn't set to mtp mode and I'm unable to change that. Therefore I can't browse the files.
Sent from my SM-G900V using XDA Free mobile app
Click to expand...
Click to collapse
what about Lg mobile tools? i think you can browse the phone with that, regardless of usb connection
solos420 said:
I've tried to connect to pc, unfortunately the phone wasn't set to mtp mode and I'm unable to change that. Therefore I can't browse the files.
Sent from my SM-G900V using XDA Free mobile app
Click to expand...
Click to collapse
Is it rooted?
I have no way to tell if it's rooted, but if I had to guess I'd say no it was an elderly persons phone. Odds are someone that age doesn't tamper with such things
Sent from my SM-G900V using XDA Free mobile app
Power it off
hold volume up and connect to pc.
It should display download mode and rooted or unrooted.
Also get more info about adb pull
Depending on the age of the person, interests etc you can predict if he rooted it or installed recovery.
Not rooted, and I have no way to enable usb debugging to use adb.
Can you please take a picture of the current situation ?
Are you sure it's the gmail pass it's asking ?
oh..I see..you typed 5-6 times the wrong pin, then it asks the gmail pass.
Get to the persons firefox or other browser and let it show all passwords.
Upon boot phone is locked requesting Gmail info. No action is possible until that is provided.
Sent from my SM-G900V using XDA Free mobile app
Do they access gmail on a home pc? If so, see if you can request a new password be sent to the account in question using the forgot my pwd option.
Also, I know it says it's locked, but what happens if you call the device or send it a text? Can you answer the call? Sometimes, after the call ends, it will land on the home screen.
bps119 said:
Do they access gmail on a home pc? If so, see if you can request a new password be sent to the account in question using the forgot my pwd option.
Also, I know it says it's locked, but what happens if you call the device or send it a text? Can you answer the call? Sometimes, after the call ends, it will land on the home screen.
Click to expand...
Click to collapse
That would be difficult considering he stole a phone and now is trying to break into it. I don't think the original owner is going to give him that info.
If I stole it I'd just wipe it and sell it. I'm concerned with reclaiming the pictures on it for the family. Not everyone is a scumbag with no job.
Sent from my SM-G900V using XDA Free mobile app
We here do believe you. But regarding google policies his family may provide some evidence or try to recover the password with google help, online of course. Everything else would be considered hacking. Hm..what does lg official software say?
I've already perused the policy for acquiring ownership of a deceased persons Google account. Unfortunately it stays that after a couple months time and even with supreme court approval they don't guarantee anything. They need to establish some law that makes this easier for relatives. I have not looked for any lg policies I didn't think it would apply being locked via Google account.
Sent from my SM-G900V using XDA Free mobile app
Ok. Here is what I'm gonna do for you. I will flash stock kdz, with password protect, will enter wrong pass until it asks me for gmail acc. Then I'm gonna flash the very same firmware without wipe in order to see if it removes the lock. 99% it wont remove it but 1% it will.
Much appreciated, must be nice to have extra devices to experiment with.
Sent from my SM-G900V using XDA Free mobile app
I don't have extra devices. I'll do a backup and take some time.
EDIT:
Sorry but no..It asks the details again, even after upgrade :/
Thx for testing for me anyways
Sent from my SM-G900V using XDA Free mobile app