Project

General

Profile

Issue #1854

Device not rebooting after 5 unsuccessful unlock attempts

Added by Jeremy Rand 12 months ago. Updated 2 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
Start date:
12/19/2017
Due date:
% Done:

0%

Resolution:
Device:
Galaxy S 3 (I9300)

Description

https://redmine.replicant.us/projects/replicant/wiki/UsageNotes states:

If a separate encryption password is in place and a PIN or password is set for the lockscreen, another security measure is active: After five unsuccessful attempts to unlock the screen, the device is rebooted and the attacker is faced with the much stronger encryption passphrase. This makes brute-force attacks on the lockscreen much harder.

This doesn't seem to work for me. I have an encryption password, and a different lockscreen password, and I've entered the wrong password 7 times in a row, and the device doesn't reboot.

This is with Replicant 6.0 0003.

History

#1 Updated by Andrés D 3 months ago

This works for me with 6.0 0004 nightly builds by Asara. After 5 wrong unlock attempts it reboots, I tried with both password and pin as unlocking methods.

#2 Updated by Joonas Kylmälä 2 months ago

I cannot reproduce the issue on 6.0 0003. Well... I can but the reason is https://git.replicant.us/replicant/frameworks_base/tree/packages/Keyguard/src/com/android/keyguard/KeyguardAbsKeyInputView.java#n45. So basically the Keyguard code doesn't care about passcodes that are shorter than 3 characters and you can type those infinite amount of times. Jeremy, could it be that the passcodes you tried were 3 or less characters?

Also available in: Atom PDF