Separate screen lock and boot passwords
vdc cryptfs enablecrypto inplace password MyLongPassword
vdc cryptfs enablecrypto wipe password MyLongPassword
Or with an app such as SnooperStopper, which uses
vdc cryptfs underneath.
This allows for a great compromise between security and usability. You can set a simple PIN for the screen lock, and a long alphanumeric password for boot which is your actual encryption key.
Unfortunately it seems that
vdc cryptfs no longer works on recent Android versions (I tested with Lineage 16). This probably stems from the fact that Android now relies on a Trusted Execution Environment (TEE) to (securely?) derive an encryption key out of the user's lock screen PIN and then store it.
- Old devices have SoCs that do not support a TEE.
- There may be no free software TEE implementation available for the target device.
- Even if a free software TEE is available, the device's bootloader is locked and cannot load it.
For further details check Gatekeeper HAL backend.
As such, finding a way to have a separate boot password/encryption key on Replicant 10 seems to be a must. Otherwise users will be faced with a dilemma:
a) Use a simple PIN and be exposed to bruteforce attacks.
b) Use a long password and take some long minutes to unlock the phone everytime they need it.