Related
Android 3+ has a nice feature -- device encryption. You can encrypt the contents of your device with a password, and after that this password must be entered during device boot, otherwise the data is permanently lost.
The bad thing is that this password is set to the screen lock PIN / password. So you either set a short password or PIN, that you can enter quickly each time you unlock your phone from sleep (but this provides weak encryption), or set a long password and have to type it 20-30 times during the day.
This stupid behavior may be fixed easily. Android provides command-line tool called 'vdc', an interface to Android Volume Manager. As written in "Notes on the implementation of encryption in Android 3.0" [1], it has a command 'cryptfs changepw', that allows changing encryption password. Of course this command must be executed as root.
vdc has some other commands related to encryption, one of them is 'cryptfs verifypw', that allows to validate the supplied password.
I'm currently writing an application that will assist user with changing encryption password. This is my first public application for Android. You can find a source code on GitHub [2]. It is very simple, but maybe android gurus here may find what to make better.
Comments and pull requests are welcome
Thanks!
[1] http source.android.com/tech/encryption/android_crypto_implementation.html
[2] https github.com/kibab/encpasschanger
Updated 30.06.2012: Added APK file!
Kibab said:
Android 3+ has a nice feature -- device encryption. You can encrypt the contents of your device with a password, and after that this password must be entered during device boot, otherwise the data is permanently lost.
The bad thing is that this password is set to the screen lock PIN / password. So you either set a short password or PIN, that you can enter quickly each time you unlock your phone from sleep (but this provides weak encryption), or set a long password and have to type it 20-30 times during the day.
This stupid behavior may be fixed easily. Android provides command-line tool called 'vdc', an interface to Android Volume Manager. As written in "Notes on the implementation of encryption in Android 3.0" [1], it has a command 'cryptfs changepw', that allows changing encryption password. Of course this command must be executed as root.
vdc has some other commands related to encryption, one of them is 'cryptfs verifypw', that allows to validate the supplied password.
I'm currently writing an application that will assist user with changing encryption password. This is my first public application for Android. You can find a source code on GitHub [2]. It is very simple, but maybe android gurus here may find what to make better.
Comments and pull requests are welcome
Thanks!
[1] http source.android.com/tech/encryption/android_crypto_implementation.html
[2] https github.com/kibab/encpasschanger
Click to expand...
Click to collapse
Sorry im noob
What will change visualy?
Or screenshot?
Sent from my LT26i using XDA Premium HD app
Thank you for this. I wanted a more simple password for the unlock, but a longer more complicated password for the decryption. You should put it on the market and charge $.99USD (or equivalent in your currency) as it's quite useful. I'd buy it
Thank you!
Actually I have registered myself as Google Play Developer, now I'm waiting for approval. As soon as my registration is approved, I will update this thread
Although I'm going to make a free and donate versions, because I believe that will help to make Android better, and people who want to say "Thank you" will buy Donate version anyway
uDroid said:
Sorry im noob
What will change visualy?
Or screenshot?
Sent from my LT26i using XDA Premium HD app
Click to expand...
Click to collapse
Nothing will change visually, hence no screenshot. What's important is that you may set strong password for decrypting the internal storage, but keep using simple password (or PIN) to unlock the screen.
P.S. I have verified that my app works on Jelly Bean too.
I have finally published an application on Google Play! Currently there is a free version, Donate version will come a bit later
The link is: https:// play.google.com/store/apps/details?id=com.kibab.android.EncPassChanger
Enjoy!
Thanks for that app, that is also what annoyed me
Thanks for this. I've been trying to work out why encryption wont work on any ROM on my HOX (dies with unable to get size of block device cryptfs), and you have given me a good lead to investigate with vdc. Information on encryption in android is sparse, and almost all threads here on XDA get no replies.
Thanks again.
I've been tempted to use device encryption recently, but there is a distinct lack of information about it, particularly on custom ROMs...
Might need to give it a go, just the lack of backup abilities might be an issue...
pulser_g2 said:
I've been tempted to use device encryption recently, but there is a distinct lack of information about it, particularly on custom ROMs...
Might need to give it a go, just the lack of backup abilities might be an issue...
Click to expand...
Click to collapse
I use CM10 on the Galaxy Nexus (maguro). Encrypted. Actually, only /data is encrypted. /system stays unencrypted. And this App works as described.
For Backup use TWRP. It asks for your password to decrypt storage.
You can then backup, restore, flash, install whole ROMs, wipe and what not.
>> I would like to see this app in Play Store <<
I should read before I post:
Kibab said:
I have finally published an application on Google Play! Currently there is a free version, Donate version will come a bit later
The link is: https://play.google.com/store/apps/details?id=com.kibab.android.EncPassChanger
Enjoy!
Click to expand...
Click to collapse
Thanks for that
btw. The encrypted /data partition lets you have two boot animations, one that is shown before code has been entered (the one in /system/media) and one after the correct code entry (the one in /data/local).
zurchpet said:
I use CM10 on the Galaxy Nexus (maguro). Encrypted. Actually, only /data is encrypted. /system stays unencrypted. And this App works as described.
For Backup use TWRP. It asks for your password to decrypt storage.
You can then backup, restore, flash, install whole ROMs, wipe and what not.
>> I would like to see this app in Play Store <<
btw. The encrypted /data partition lets you have two boot animations, one that is shown before code has been entered (the one in /system/media) and one after the correct code entry (the one in /data/local).
Click to expand...
Click to collapse
Hmm... I have i9100 (S2), so I would need to see about putting TWRP onto it...
Yeah, only data and SD are encrypted... Can TWRP cope with encrypted SD btw?
Great, it's easier than to change on command line
This should just be default android behavior
pulser_g2 said:
Hmm... I have i9100 (S2), so I would need to see about putting TWRP onto it...
Yeah, only data and SD are encrypted... Can TWRP cope with encrypted SD btw?
Click to expand...
Click to collapse
Yes, SD is encrypted too. And TWRP can only read from it after correct code entry. Don't know about the external SD though (since the Galaxy Nexus doesn0t have one).
zurchpet said:
Yes, SD is encrypted too. And TWRP can only read from it after correct code entry. Don't know about the external SD though (since the Galaxy Nexus doesn0t have one).
Click to expand...
Click to collapse
Wish I had a second phone, then I could just research this
Quite awesome. Now, can I use a strong password for encryption and then pattern lock for normal day to day use? That would be my ideal situation. I heart pattern lock!
Just trying to clarify how this works... so you keep your normal 'short' pin unlock code for unlocking the screen, but set a long code for decryption, and this code will only be requested once per boot, during bootup? Is this correct?
Thanks
How it works
Yes Sir. You are correct.
adrianblack said:
Quite awesome. Now, can I use a strong password for encryption and then pattern lock for normal day to day use? That would be my ideal situation. I heart pattern lock!
Click to expand...
Click to collapse
Unfortunately it's not possible to use pattern lock while using device encryption, Android forbids it. Patching Android framework will help, but this is completely another story and possible suggestion for ROM makers such as Cyanogenmod.
Is the 16 character Android limitation present, when using this tool? I currently use a 16 character device encryption/unlock pass phrase. I'd like to strengthen the device pass phrase some more.
I don't know if this is even possible during the device boot sequence, but being able to use a Yubikey with an OTG cable would be awesome!
RF
hello,
i am thinking about rooting my galaxy s3 T999.i was wondering what are some of the things you can do with a rooted phone?is it safe?i have the insurance on my phone.will this void my insurance in anyway if i needed to use it?if i download one of the custom roms with less bloatware will i be able to do everything i could with stock ROM.(games, internet etc).is there anything i cant do with a custom rom that i could do with stock?
sorry for being such a noob..
great site.
if i root and jelly been comes out for the galaxy s3 will i be able to upgrade without affecting my root or anything.
laprodigy001 said:
hello,
i am thinking about rooting my galaxy s3 T999.i was wondering what are some of the things you can do with a rooted phone?is it safe?i have the insurance on my phone.will this void my insurance in anyway if i needed to use it?if i download one of the custom roms with less bloatware will i be able to do everything i could with stock ROM.(games, internet etc).is there anything i cant do with a custom rom that i could do with stock?
sorry for being such a noob..
great site.
Click to expand...
Click to collapse
Yes it is very safe. Simple too! It can be done under a minute. I rooted my phone using CF-root. Rooting voids your warranty though, but you can reset the flash counter with Triangle Away and they will be none the wiser. :3
Yeah custom ROMs can do everything a stock ROM can and more. You should not be missing any features.
---------- Post added at 12:40 PM ---------- Previous post was at 12:31 PM ----------
laprodigy001 said:
if i root and jelly been comes out for the galaxy s3 will i be able to upgrade without affecting my root or anything.
Click to expand...
Click to collapse
I think you will have to reflash the root using mobile Odin. Not too sure. Maybe someone else can come here and verify.
laprodigy001 said:
i was wondering what are some of the things you can do with a rooted phone?
Click to expand...
Click to collapse
This is a hard question to answer without just listing of the capabilities of applications that are available on Play. I will just mention what I know in a very basic way. It isn't all 100% technically correct, but if you know enough to say it isn't 100% then my explanation is probably not for you. =D
There are system level changes that can be made to your phone that are normally protected. Android, under the hood, has a file system and for all intents and purposes is very similar to what you see in Windows/OSX. It however, does not have a pretty graphical UI over it that is exposed to you by default.
Most of the system's settings and applications are stored very specific directories on the file system and by default you do not have the ability to directly change anything in those directories; this is done via permissions if you care to read more about it. When you are running your phone you are essentially running as a restricted user. When you root your phone you are giving yourself access to the 'root' user. On a Linux system that is essentially the account that is allowed to change and access anything on the file system; thus all the previous restrictions I mentioned are gone.
This gives you many abilities, some of which are trivial and some of which are not. Consider that as your non-rooted aka restricted user, you can not remove 'bloat ware' from your phone. Verizon is very notable for doing this. You essentially are not allowed by permissions to do so. However as root, you can delete whatever you want. Applications in Android are binary files with the *.apk extension and can be roughly (not always correctly) deleted by removing the *.apk file. You can also do things like directly read the *.apk files and upload them to another site as away to back up your applications (Titanium Backup). There are also more esoteric things like changing some of the settings file where where buffer sizes are kept for reads/writes, etc (SetCPU and flash 'overclocking' apps).
There are more such as wireless tethering (allowing your phone to act as an Wireless Access Point so your wireless desktop/laptop can use your 3g/2g/4g/etc data connection on the road), customizing the look and feel of the ui, etc.
laprodigy001 said:
is it safe?
Click to expand...
Click to collapse
Yes and no, but mostly yes. I don't want to scare you, but rooting your phone opens your phone up to higher access by you and by the applications you install. You do have the ability to deny applications super user access, but if you do you do need to realize that super user granted application will have unrestricted access to your phone and data. So only do it for applications where you can verify the application your self or trust the publisher.
The actual root process is generally 'revertible'. By revertible I mean that you will be able unroot/get your phone into a working status, but you will most likely lose any data that is stored only on your phone. You can however back data up to other sources prior to doing anything potentially risky. By the time a guide is posted for a newer user to follow, the process has been tested to a level where it won't outright damage your phone on physical level. Usually anything wonky can be fixed by flashing a stock ROM (which yes does include losing all of your data unless you back it up somewhere). Be aware that the first time you do this you will probably be looking at investing time into learning jargon and programs you've never heard of before. It can be daunting, but most of the guides are posted in step-by-step format.
laprodigy001 said:
is there anything i cant do with a custom rom that i could do with stock?
Click to expand...
Click to collapse
They will have the same abilities. Some stock ROMs come with carrier (e.g. Verizon, Sprint, etc) applications that will most likely not be present on the custom ROM. However most of the time if you really want them you can still in stall them and they will work. I am not currently aware any that don't.
xxfreakazoidxx said:
.... you can reset the flash counter with Triangle Away and they will be none the wiser. :3...
Click to expand...
Click to collapse
FYI, Its been discussed countless times, in countless threads, Triangle Away does NOT work for any US variant of the GS3 currently, and its author says he most likely wont be making it work, either. Maybe someday someone will get it to work, but as of right now, no.
In short, i deleted my photos by accident, and deeply desire to recover them.
Data Recovery programs wont work on my Google Nexus 4, for a combination of reasons. Namely, because it is not a usb mass storage device, it is internal memory, and because the phone has not ever been rooted. If it is possible to recover the photos without rooting the phone, this would be favorable. But i doubt this is possible.
Is there a way to root my phone without causing a "factory wipe/reset"? Perhaps by avoiding unlocking the bootloader?I am not even 100% sure if this can be achieved on 4.4.2. as of now. I am continuing to investigate, but if anyone has the know-how, please let me know.
this forum here, suggests something that might work, but at the end of the forum, it suggests that 4.4.2 is still impossible to root without wiping.
-There are methods of scanning the phone after it has been rooted, but i can't find the right kind of rooting i need.
-There are methods of copying the phone's hard drive -bit-by-bit- to my PC in .RAW format, and then converting this into something that can be mounted like a real drive, which could be scanned and from which photos could be recovered., but this method requires a rooted phone as well
-there is a possibility of trying to mount the phone on a linux OS, and then scan it possibly. but i don't know if this is impossible.
i am reading the basics in the meantime.
LG Google Nexus 4, 4.4.2
Build:KOT49H
kernel:
3.4.0-perf-g2cae413
[email protected] #1
wed Nov20 14:54:28 PST 2013
Desktop PC: Windows 7 Professional 64bit, service pack 1.
Laptop: mac...
you can read more about things i have tried and my other concerns, in greater detail below.
LOTS OF METHODS, LITTLE CLARITY
I just came back from visiting some dear friends in china and purchased an upgraded version of dropbox. Before I uploaded my photos, I accidentally deleted my entire album.
What is the safest and surest attempt for recovery?
1. i need to avoid installing anything on my phone as much as possible - (lest it overwrite the empty areas where the "deleted" photos reside.)
2. i need to keep my phone off as much as humanly possible (lest it overwrite the empty areas where the "deleted" photos reside.)
3. almost without saying - id like to avoid bricking my phone, (lest it destroy my "deleted" photos)
SOFTWARE RECOVERY SECTION
All known software recovery programs won't find any data on my phone because either they are made for scanning mountable drives, USB mass storage devices, or some simply cannot scan the device unless i root my phone (although I am not sure if rooting is directly correlated with successful scanning, or if rooting the phone simply allows me to carry on with other necessary steps prior to "successful scanning"- like allowing me to installing apps that allow me to mount the internal memory as a scannable drive). Enabling USB Debugging, or enabling/disabling MTP is not the same as enabling USB mass storage mode. Seeing the Nexus 4 as "portable Device" under my computer does not mean it is a mounted drive that i can scan with a recover program. No matter what, nothing seems to work with the Google Nexus 4 as it is now.
***I first tried installing the driver's through the ANDROID SDK, by unzipping the contents from the downloaded zip file and by double clicking the .exe file. Double-clicking the .exe file resulted in a cmd dos-style window popping up and immediately disappearing. Perhaps i needed to put the extracted folder on "C:\"?
REGARDLES....later, I have used WugFresh Nexus Root Toolkit v1.8.2 for ensuring proper driver installation for my phone. I have only used this software to install drivers. It walks you through bad-driver uninstallation/clean up, it retrieves the latest drivers, installs them, and then tests their workability for you and lets you know if the drivers were successfully installed.
I have not used Wug's toolkit to root or hack my phone... yet....
Below is a list of software I have used on my Windows machine and my mac. These simply will not work with the phone as it is right now.
Remo
TenorShare
Bycloud android data recovery
Android Data Recovery
Dr. Fone
Recuva
- i havent tried disk digger. but it requires a rooted phone.
SO simple methods will simply not work? Please correct me if I am wrong.
BIT BY BIT CLONE METHOD
This seems to be the most tedious (but thorough) method for actually preparing something that can be truly scanned for photo-recovery. This method seems to create a bit-by-bit copy of the phone to my computer, which can be converted and mounted and then scanned.
However, it requires rooting. Not to mention, it recommends non-destructive rooting. Which leads me to the next section ...
ROOTING section (and its problems)
In the fruitless sections listed above, it always seems to lead towards rooting as a requirement. Most people say you should root your phone when you first get it, because, i suppose rooting is "synonymous" with a wipe/reset. I believe this reset happens as a result of the bootloader being unlocked. According to MY limited understanding, this unlocking process essentially causes a "factory reset" which wipes the phone, and then catastrophically overwrites the precious space where the deleted photos currently reside. this is unacceptable. I imagine, this "reset" is for security reasons.
Most people seem to suggest that you make a back up before you root. This isn't helpful for my situation because we are talking about retrieving deleted data. I cannot make a back-up of deleted data.
Is it really possible to root without wiping the Google Nexus 4?
Is it even profitable to consider rooting a viable option? I don't imagine myself enjoying a rooted phone as much as others on this forum. I would hate to be creating a black hole for malicious software to breed. i am only concerned with data retrieval for this one time in my life. Is rooting the only viable option? If i root, won't that make the previously mentioned software-scanning section (e.g., Dr. fone), more viable than the BIT-BY-BIT section tedious and pointless by comparison?
All in all, I think it most likely that i will need to root my phone and do the bit by bit copy. If a rooting-first-step is the final conclusion, then I am looking for clear and careful advice for my specific phone on how to root it without jeopardizing the deleted photos (e.g., avoiding a "factory reset" from unlocking the bootloader, or perhaps avoiding unlocking the bootloader altogether) and how to hopefully carry on from there. I don't even know if avoiding "unlocking the bootloader" will virtually guarantee a non-destructive root method
Rooting gets crazy because it leads to necessary installations of SuperUser, busybox, kernels, roms, etc... There are so many unfamiliar vague terms for a beginner like me and it is taking tons of time to break through. I am uninterested in keeping my phone rooted, or maintaining a lifestyle with a rooted phone. if we can move expeditiously from point A to B and then back, (get in, get the photos, and get out,) that would be the most awesome plan.
LINUX METHOD?
is there another way to get to the deleted photos?.
I do not know if 'mounting' the phone is akin to 'mounting' a scannable drive. http://www.youtube.com/watch?v=fw2MKGIgyF4
maybe this is another wild goose chase?
IN SUMMARY
1. It would be helpful if there was a root-free photo-recovery software solution that actually works (this is unlikely to be in existence) with an unrooted nexus 4
2. It would be helpful if it is possible to root without destroying my chances of recovering my deleted photos, with the goal of allowing recovery software access (deeper access) to my phone, i.e. disk digger or if necessary... a bit-by-bit copy to my PC.
3. it would be interesting if the nexus 4 can be magically mounted and scanned on the linux operating system
4. It would be MOST HELPFUL if there was a clear consensus on what direction to take, because there is a lot of misinformation out there. One wrong step and i could end up shooting myself in the foot twice (if i inadvertently reset my phone), or three times (if i brick my phone).
5. can the phone be put back to normal (i.e. unroot) after rooting? or does this require that i make a full backup of the phone in its current state? ( i tried using WUGS toolkit to backup my media, but it wont do it unless i unlock the bootloader... back to that problem again )
I'm sorry for sounding like an idiot. I have been at this for a more than a few hours. I sincerely appreciate any help and consideration towards this specific situation in advance, and the hope that this forum has already offered me.
Impossible to root 4.4.2 without unlocking the boot loader and wiping the device.
DrFredPhD said:
Impossible to root 4.4.2 without unlocking the boot loader and wiping the device.
Click to expand...
Click to collapse
Same problem.... There isn't a solution yet? :crying:
fabrollo said:
Same problem.... There isn't a solution yet? :crying:
Click to expand...
Click to collapse
Nope, you have to unlock the bootloader and that wipes the device
Sent from my SAMSUNG-SGH-I727 using XDA Free mobile app
jd1639 said:
Nope, you have to unlock the bootloader and that wipes the device
Sent from my SAMSUNG-SGH-I727 using XDA Free mobile app
Click to expand...
Click to collapse
And after i should try to recover all the wiped files with diskdigger for example? Maybe the datas that we was searching will be found?
Thanks... if i must try this way to solve my problem i will bite the bullet...
fabrollo said:
And after i should try to recover all the wiped files with diskdigger for example? Maybe the datas that we was searching will be found?
Thanks... if i must try this way to solve my problem i will bite the bullet...
Click to expand...
Click to collapse
The chances of recovering anything is very small
Sent from my Nexus 5 using XDA Free mobile app
Hello,
I own the Redmi 2 16 GB (HM 2014813), that's a good device but MIUI ROMs do not support device encryption. I've been searching for a clear answer but could not find any "definitive" information: Is there any custom ROM that will enable full/partial device encryption on this phone? Has anyone successfully tried with some of the ROMs that are maintained here?
Thanks a lot
Temasek CM13.0 can
Still no joy
harsh405 said:
Temasek CM13.0 can
Click to expand...
Click to collapse
Thanks Harsh405, I've checked on Temasek thread but apparently nobody has tried it, and my question there remains unanswered.
I'v got an old version of ResurrectionRemix installed (ResurrectionRemix-M-v5.6.0.-201601106-wt88047) with full encryption activated. Don't know about recent versions though.
I also have the same device like you..
And i confused what the custom rom can i flash be sides miui rom
gwgjust said:
I'v got an old version of ResurrectionRemix installed (ResurrectionRemix-M-v5.6.0.-201601106-wt88047) with full encryption activated. Don't know about recent versions though.
Click to expand...
Click to collapse
Thanks gwgjust, I'll take that a look!
rkpg has given a pretty clear answer on CM Thread: the Redmi 2 CPU ARM Cortex-A53 does not have native support for AES instructions, so it won't support device encryption or, even if you flash it with a custom ROM that has the option to enable it, it will perform VERY poolry.
So, here is the final short answer: Redmi 2 doesn't support device encryption. And even if you have changed the ROM and you can enable it, don't use it or you'll get huge problems. Instead, use Google Device Manager or the built-in "Find Device" MIUI functionality (https://i.mi.com) for protecting your device in case it's lost or stolen.
Additional information can be found here
Colosseo said:
rkpg has given a pretty clear answer on CM Thread: the Redmi 2 CPU ARM Cortex-A53 does not have native support for AES instructions, so it won't support device encryption or, even if you flash it with a custom ROM that has the option to enable it, it will perform VERY poolry.
So, here is the final short answer: Redmi 2 doesn't support device encryption. And even if you have changed the ROM and you can enable it, don't use it or you'll get huge problems. Instead, use Google Device Manager or the built-in "Find Device" MIUI functionality (https://i.mi.com) for protecting your device in case it's lost or stolen.
Additional information can be found here
Click to expand...
Click to collapse
Google device manager only help in finding phone, which is like peanut against full device encryption. Full device encryption helps to secure personal data being shared with servers of different apps and sites. No firewall or antivirus can stop sharing data with app and internet servers except full device encryption which Apple phones do.
rkpg said:
Google device manager only help in finding phone, which is like peanut against full device encryption. Full device encryption helps to secure personal data being shared with servers of different apps and sites. No firewall or antivirus can stop sharing data with app and internet servers except full device encryption which Apple phones do.
Click to expand...
Click to collapse
Totally agree. The only thing that these apps can do for security is allowing user to remote wipe the phone
mine works
rkpg said:
Google device manager only help in finding phone, which is like peanut against full device encryption. Full device encryption helps to secure personal data being shared with servers of different apps and sites. No firewall or antivirus can stop sharing data with app and internet servers except full device encryption which Apple phones do.
Click to expand...
Click to collapse
I just installed cm-12.1-20161121-UNOFFICIAL-hermes.zip and it encrypted within seconds, NO performance hit (that I could tell)...
cheers,
tencarsb
Good to know, thanks for update!
Encryption should work in ARM64 builds, geekbench tests show big difference in AES performance:
19.4 MB/sec (32bit) VS 354.6 MB/sec (64bit)
4 hours later...
Just flashed [WIP][ROM][ARM64][VoLTE][Redmi 2] CAF_AOSP_7.1.2 for Redmi2 WT88047, and encryption works!!
In Settings > Security & Location > Encryption & Credentials it says, "Phone not encrypted".
I want to encrypt my phone to protect the data in case I lose the phone, but is it working? Any important things I should know?
My key concerns:
1. Will I still be able to do OTA updates of LineageOS microG after encrypting?
2. Will I be able to backup phone using TWRP?
3. Will I be able to restore backups with TWRP?
4. Can I decrypt backups using TWRP to get my data?
I found a bunch of old threads from 2014 and it sounded unstable to encrypt. I don't see newer threads though.
Thank you for any guidance you may be able to provide as I am a LineageOS noob (less than 1 month experience!) .
Before this official TWRP update it was not working.
I encrypted my phone before one month ago. when i downloaded and installed the OTA update, the decryption pattern did not recognized. I was damn sure about the correct pattern to unlock but it didn't worked. I need to reset my phone to make it working.
I am not sure if its working now after updates from both TWRP and Lineage os.
please reply if any one know about current situation.
[NOTE]: If you are noob and trying to encrypt your phone, then keep backup of your internal storage and all apps, Sms and Contacts etc. because, after encryption, you can not access files and appdata from internal storage.
[email protected] said:
I encrypted my phone before one month ago. when i downloaded and installed the OTA update, the decryption pattern did not recognized. I was damn sure about the correct pattern to unlock but it didn't worked. I need to reset my phone to make it working.
Click to expand...
Click to collapse
Thank you for this! Possibly saved me. I don't care about accessing my encrypted data through TWRP, but I do want to be able to do OTA. I also want my data protected if I lose my phone.
In the latest release of TWRP 3.4.0-0 there seem to have done lots of work on encryption
Encryption
ext4Crypt Wrapped Key Update - Peter Cai
Fix upgrading encryption key if export fails - Peter Cai
Fix wrapped key support for devices without metadata partition - mauronofrio
Don't skip decryption when using block map file in order to write to /data in ORS - CaptainThrowback
FDE - Decrypt master key first - AndroidableDroid
vold_decrypt - set Android version and patch level automatically - CaptainThrowback
Set wrapped decrypt support by twrp flag - Peter Cai
Don't try wrapped support unless needed - mauronofrio
restore ext4 policy on /data/cache - Bigbiff
multiuser decryption - Noah Jacobson
FDE retry - AndroidableDroid
Click to expand...
Click to collapse
So, tell me about encryption. posted on Reddit --> This thread from 2 years ago on reddit has some phones working with encryption and some not working.
So who else is running full disk encryption on their LineageOS install? I guess I have to try it and pray next week.