Separate screen lock and boot passwords
vdc cryptfs enablecrypto inplace password MyLongPassword
vdc cryptfs enablecrypto wipe password MyLongPassword
Or with an app such as SnooperStopper, which uses
vdc cryptfs underneath.
This allows for a great compromise between security and usability. You can set a simple PIN for the screen lock, and a long alphanumeric password for boot which is your actual encryption key.
Unfortunately it seems that
vdc cryptfs no longer works on recent Android versions (I tested with Lineage 16). This probably stems from the fact that Android now relies on a Trusted Execution Environment (TEE) to (securely?) derive an encryption key out of the user's lock screen PIN and then store it.
- Old devices have SoCs that do not support a TEE.
- There may be no free software TEE implementation available for the target device.
- Even if a free software TEE is available, the device's bootloader is locked and cannot load it.
For further details check Gatekeeper HAL backend.
As such, finding a way to have a separate boot password/encryption key on Replicant 10 seems to be a must. Otherwise users will be faced with a dilemma:
a) Use a simple PIN and be exposed to bruteforce attacks.
b) Use a long password and take some long minutes to unlock the phone everytime they need it.
Updated by Kurtis Hanna 3 months ago
- Device Not device specific added
- Device deleted (
The comments in this issue suggest that there is a way to still make this work in AOSP 9: https://github.com/nelenkov/cryptfs-password-manager/issues/25
Specifically it sounds like the necessary changes were made in this fork of the program: https://github.com/thedroidgeek/cryptfs-password-manager
I don't know if it also works for Android 10 or 11 though.