Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Android Full-Disk Encryption Cracked

Axel Simon axelsimon at
Mon Jun 10 15:00:46 PDT 2013

On 30/04/13 04:55, Tom Ritter wrote:
> Android *NEEDS* to allow a user to have a separate unlock screen
> password from the disk password. Most users are wholly unwilling to
> have a long screen unlock password, but willing to have a long boot
> password.  They need to be decoupled.  There is no technical reason
> this is not possible (as demonstrated) - it's just usability concerns
> and UI. This issue is at
> and I
> encourage you to star it to vote for it.

This may come a bit late, but I feel it might be interesting to add that an app
has been developped to do just that:

EncPassChanger -
> This is an application for Android 4.0.3+, which allows to set disk encryption password different from lock screen password. Stock Android 4 firmware doesn't allow setting different screen lock and disk encryption passwords, and that either forces you to use weak password, or to type long secure password each time you unlock the screen of device. This application uses standard VDC calls to validate and set new password.

It's also on F-droid:

Lastly, Nathan's solution of combining a Yubikey (on a USB-OTG/Host cable) with
a short PIN is great and could still be used in combination with EncPassChanger.
Unfortunately, I can't vouch for it: I discovered with some disappointment that
my phone doesn't have USB-OTG (I would have thought it was standard on all
modern smartphones) and that some homebrew Android ROMS (a CyanogenMod
derivative in my case) don't have the Android encryption active.


Axel Simon

mail/jabber/gtalk: axelsimon at
twitter / @AxelSimon

More information about the liberationtech mailing list