134

I use a duress PIN to protect my data — here’s how it works and why everyone needs one (www.androidauthority.com)

submitted 4 days ago by baatliwala@lemmy.world to c/android@lemdro.id

46 comments fedilink hide all child comments

all 47 comments

sorted by: hot top controversial new old

[-] Sterile_Technique@lemmy.world 49 points 4 days ago

IIRC one of the mobile operating systems has a duress pin that instead of deleting all your shit, it just opens up basically a different user profile. So you can throw a few random apps and photos etc until it looks convincing, and just have that on standby. Put in your normal pin and you get the profile you actually use.

Cop demands to see your phone, and it's just a "sure - it's 4022" and they get to scroll through some uninteresting bs.

Go home and put the real pin in and it's back to normal - nothing's deleted.

It's kinda like carrying a throw-wallet with a few bucks and expired credit cards... get mugged, hand em that, and be on your way with your real wallet in another pocket.

[-] CosmicTurtle0@lemmy.dbzer0.com 30 points 4 days ago

It's gonna be sus when your browsing history and other stats on that profile doesn't collate with how a normal person uses their phone.

They might confiscate the phone.

My point is that you shouldn't assume your phone is secure.

[-] Sterile_Technique@lemmy.world 13 points 4 days ago

That's a good point. I wonder if there's a way to combine the throw-wallet duress pin with the delete-everything duress pin.

Like, enter the duress pin, get the fake profile AND start a timer: if the real pin isn't entered within 1 hr (or whatever timeframe the user set it to), then it factory resets.

Best of both worlds.

[-] Pyr_Pressure@lemmy.ca 8 points 4 days ago

Definitely would be pretty easy to figure out a fake phone profile. Unless you are constantly updating it, any photo/emails/texts call logs will have timestamps from like months/years ago. Might fool a few, but even less if it becomes a widespread thing and authorities become aware of how it works.

[-] Duamerthrax@lemmy.world 1 points 2 days ago

The solution is to have a Model Citizen account that's you're daily driver and a Malcontent account that's the one to be deleted on duress.

[-] BradleyUffner@lemmy.world 4 points 3 days ago

They might confiscate the phone.

If you have something worth hiding on your phone that isn't hidden when they look at it, they are DEFINITELY going to confiscate your phone

[-] lime@feddit.nu 6 points 3 days ago

"it's new"

[-] DeathByBigSad@sh.itjust.works 2 points 1 day ago* (last edited 1 day ago)

"Didn't you already say you got a new phone when we stopped you a month ago?"

-the cop says, while glancing at you suspiciously

[-] lime@feddit.nu 2 points 1 day ago

"it broke"

[-] somerandomperson@lemmy.dbzer0.com 2 points 3 days ago

You must enforce the principle of least prilevelege.

Not by just using SELinux in your PC, but IRL.

[-] mydude@lemmy.world 22 points 4 days ago

Any google phone, you can use you "wrong" thumb two or three times (fast), then you are required to enter pin. Easy, quick way to lock you phone more securely if you encounter police.

[-] YoSoySnekBoi@kbin.earth 17 points 4 days ago

And Samsung devices have a "Lockdown Mode" that can be triggered by holding down the power button which does the exact same thing (also disabling lockscreen notifications if they were on until you enter your pin)

[-] tinned_tomatoes@feddit.uk 7 points 4 days ago* (last edited 4 days ago)

You can also just hold the power button to bring up the power menu which includes a Lockdown button. This disables biometrics and will require a PIN to unlock.

This should work on any Android device, but definitely works on my Pixel. The shortcut might be different for different devices, though.

[-] InnerScientist@lemmy.world 4 points 3 days ago

Better to hit the reboot though, then it's completely locked.

[-] Flax_vert@feddit.uk 3 points 3 days ago

Also locks the sim card if you have a lock on that

[-] Alphare@lemmy.world 4 points 4 days ago

It also happens all the time to me because the fingerprint sensor on my 6A is garbage heh

[-] Zak@lemmy.world 9 points 4 days ago

The feature I want is a specific fingerprint that triggers a lockdown, perhaps requiring a long password rather than a short PIN to exit.

[-] gravitywell@sh.itjust.works 4 points 4 days ago

Graphene does that if you use the wrong finger 5x in a row, I do wish you could lower the number though.

[-] InnerScientist@lemmy.world 1 points 3 days ago* (last edited 3 days ago)

Why not make one fingerprint the erase button?

Like left index finger causes a factory reset.

[-] Zak@lemmy.world 1 points 4 days ago

Same on Lineage, so that's presumably an Android default. It's slow.

[-] atrielienz@lemmy.world 9 points 4 days ago* (last edited 4 days ago)

I feel like this is one of those situations where you might be able to use something like an NFC tag to force your phone into a locked state where it would require the pin to unlock.

I think an SOS style pin input is great in theory but I don't know that most people will use it because it's not necessarily going to help in places where you might be required or forced to give up biometric unlocking credentials (some countries make it so there is not a legal way to refuse to give up your fingerprint or face scan etc). This isn't any easier than setting a lockdown key combination etc. Currently on my phone the lockdown is set to enable if I press the power button and volume up key at the same time and I think it's similarly easy to do on iphones.

I feel like this is one of those situations where it also might be a workable idea to use something like an NFC tag to force your phone into a locked state where it would require the pin to unlock. If of course lockdown mode can't be enabled on your device using a key combo and you have NFC available.

[-] TonyOstrich@lemmy.world 7 points 4 days ago

It would be nice if there was a way to use 2FA to unlock a phone. Using a password in combination with biometric or NFC token. That would also allow for the use of an emergency pin as well.

[-] alsaaas@lemmy.dbzer0.com 6 points 4 days ago

GrapheneOS has 2FA implemented with fingerprints. When enabling it, you choose a 2nd factor pin you have to enter every time you want to unlock using your finger

(Allowing you a reasonable compromise between convenience, as in not having to put in a long password every time, and having more protection against physical abuse or coersion, OFC not the serious kind, but it helps with e.g. the coppers)

[-] TonyOstrich@lemmy.world 4 points 4 days ago

That's nice. I wish a security token was also an option, but it doesn't appear they have any intention of implementing that. I don't like the idea of using biometrics for anything specifically because of law enforcement and how there I can be compelled to provide biometric data. A security dongle is almost the same, but with the "advantage" that a little bit of security through obscurity can be implemented since they not only have to know a token is required, but also which one.

Technically that's also a disadvantage in that a security token can be lost vs biometric, but that's the risk profile I would personally prefer.

[-] alsaaas@lemmy.dbzer0.com 2 points 4 days ago* (last edited 4 days ago)

I have a similar take on biometrics, but love their convenience (plus I don't have to type out my passphrase in public, which IMO is a huge plus) and with GrapheneOS I get to have my cake and eat it too :>

[+] vk6flab@lemmy.radio -18 points 4 days ago

Only one problem.

Graphene OS only runs on 16 models of phone, Google Pixels. I've bought a dozen or so Google hardware devices over the years and I refuse to go through that abysmal experience ever again.

Graphene OS might be amazing for all I know, but only supporting Google hardware makes it a joke in the real world outside of the Google fanboy bubble.

As for deleting all the content of your phone, what makes you think that border security or law enforcement won't access your data directly from your backup on Google's cloud?

As far as I can tell, this post is an advertisement for Graphene OS. In real world terms, in my opinion, it adds nothing of substance to the privacy or security landscape.

[-] Max_P@lemmy.max-p.me 23 points 4 days ago

There's a reason it only supports Pixel phones: none of the other manufacturers produce phones that are suitable for it. All the other ones either don't let you unlock the bootloader, won't let you relock it with your own keys, or disables other security featurea. Meaning anyone can just flash whatever code they want to the phone and completely nullify the security model.

For a bit, OnePlus did support this but they quietly removed that feature with the Android 12 bootloader update, and otherwise cut you off from the TEE anyway so the OS can't even verify the boot chain.

The GrapheneOS team said they would happily support other devices if any met their criterias for support. None do. Pixels are the only phone where you can properly flash a custom OS on, and relock the bootloader and disable OEM unlocking like it's the official OS with all the security features functional.

[-] vk6flab@lemmy.radio 2 points 4 days ago

This is helpful.

[-] FauxLiving@lemmy.world 19 points 4 days ago

Graphene OS might be amazing for all I know, but only supporting Google hardware makes it a joke in the real world outside of the Google fanboy bubble.

You should probably read about the subject a bit more before sharing your opinions on this.

People install GrapheneOS because they are NOT fans of Google. The Pixel is simply the only phone with the hardware to support a secure, non-Google OS.

As for deleting all the content of your phone, what makes you think that border security or law enforcement won’t access your data directly from your backup on Google’s cloud?

I don't know anyone who takes the effort to install an aggressively de-Googled OS and then uses Google cloud services.

[-] vk6flab@lemmy.radio -3 points 4 days ago

Do you see the irony associated with buying hardware from the same company who's software you actively want to remove?

[-] FauxLiving@lemmy.world 10 points 4 days ago* (last edited 4 days ago)

I can see how there would appear to be irony if someone doesn't distinguish software from hardware.

You don't need Google software to use a Pixel and Google's software is the privacy/security concern. Their hardware isn't bad and it has unique features that make it the best consumer device for security.

I won't buy an ATV from Yamaha, but I would buy a Yamaha Saxophone. Because they're two completely distinct things, made by completely different groups of people despite being under the same company name.

[-] vk6flab@lemmy.radio 3 points 4 days ago

The separation between software and hardware is not nearly as distinct as your comment suggests. Beyond (sometimes replaceable) firmware there's microcode and embedded systems with their own software inside modules like the modem that allows your phone to actually talk to the network.

[-] FauxLiving@lemmy.world 5 points 4 days ago

Those things are technically true but largely irrelevant.

The concern about Google's software is that the software that they produce which is targeted at consumers binds the user with a restrictive TOS which allows them access to all of your personal data. Their Play Services gives Google very low level access to the operating system and their cloud services are being constantly enshittified.

So I avoid that software and those services.

That doesn't mean that every piece of software that Google produces is implicated. The teams writing low level firmware for optical fingerprint readers are not the ones developing consumer spyware.

I'm concerned about security, I'm not an anti-Google zealot.

[-] Agosagror@lemmy.dbzer0.com 4 points 3 days ago

That said, I personally would love to see the day that fairphone or another company is able to support graphene.

[-] FauxLiving@lemmy.world 2 points 3 days ago

Oh definitely.

I don't WANT to support Google, but unfortunately their hardware is superior for this purpose.

The GrapheneOS devs have a public list of hardware requirements for any manufacturer that wants to support real security, so far only the Pixel checks all the boxes

[-] frongt@lemmy.zip 2 points 4 days ago

Technically all Android is Google software but yeah

[-] FauxLiving@lemmy.world 4 points 4 days ago

It's all Linux software, technically

[-] frongt@lemmy.zip 5 points 4 days ago

Technically only the kernel is Linux, but the userspace is all Google!

Okay technically technically it's a modified kernel, and I'm sure there are plenty of parts of userspace that Google just imported without modification.

Software is complicated.

[-] shortwavesurfer@lemmy.zip 10 points 4 days ago

Because hardcore graphene OS users would not have any data on Google's clouds because they know the danger of having cloud data and would not accept it.

Hell, I don't even have a Google account and haven't for several years.

[-] jrgd@lemmy.zip 19 points 4 days ago

The main idea on a device running something like Graphene OS is that you are already in a state of using minimal, if not at all using Google Cloud services, including data backups. It's intended in tandem with modifications like GMS, GPS (if optionally installed into a given user, work profile) running as an unprivileged, permission-based application. If someone is taking their data privacy and security seriously enough to consider using a duress PIN and flashed their phone with something along the lines of Graphene OS, would they be likely to have heavy reliance to Google's Cloud offerings?

[-] LostXOR@fedia.io 10 points 4 days ago

Have you ever used GrapheneOS? It doesn't support backups via Google's service at all, provides no Google services by default, and sandboxes them heavily if you choose to install them. Aside from the hardware, it has very little to do with Google.

[-] Onomatopoeia@lemmy.cafe 10 points 4 days ago

What backup on Google cloud?

Graphene add nothing of substance to the privacy or security landscape

Hahahahaha, your whole comment is laughable, it's the very definition of hubris (that is the combination of being arrogant and incorrect).

I,for one, haven't used Google as a backup since 2010. Anyone with any awareness of privacy doesn't use it.

I run Lineage, with no Google services, no Google connectivity. I actively block connections to known-untrustworthy domains and IP addresses.

Graphene is the high-water mark in privacy and security on Android.

You should probably actually understand what's going on before prognosticating in ignorance.

[-] IllNess@infosec.pub 8 points 4 days ago

I'm going to guess most people that use Graphene OS don't use any Google product unless it's encrypted using something like Cryptomator.

[-] vk6flab@lemmy.radio -5 points 4 days ago

I'm happy for you to quote me, but it does require that you actually quote what I said rather than what you think I said.

Specifically I said:

As far as I can tell, this post is an advertisement for Graphene OS. In real world terms, in my opinion, it adds nothing of substance to the privacy or security landscape.

I did not state that Graphene OS didn't add to the security landscape, though that's how you interpreted it. Using "it adds nothing", I was referring to the article linked in the OP. Could I have worded this better, sure. Did I say what you think I said, no.

[-] frongt@lemmy.zip 8 points 4 days ago* (last edited 4 days ago)

What didn't you like? I've had multiple Pixels and no major issues.

Border agents are unlikely to have access to cloud data. Police definitely do, but I just don't have a cloud backup of my phone ¯\_(ツ)_/¯
I use Grapheneos' seedvault backups to USB. It's not a very smooth process, so they're planning on replacing it. I've tested backups and restores, though, and they definitely work.

[-] SapphironZA@sh.itjust.works 5 points 4 days ago

Most other phone brands don't unlock their bootloaders anymore, so GrapheneOS can't support them, even if they want to.

this post was submitted on 10 Aug 2025

134 points (96.5% liked)

Android

19982 readers

12 users here now

The new home of /r/Android on Lemmy and the Fediverse!

Android news, reviews, tips, and discussions about rooting, tutorials, and apps.

🔗Universal Link: !android@lemdro.id

💡Content Philosophy:

Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.

Support, technical, or app related questions belong in: !askandroid@lemdro.id

For fresh communities, lemmy apps, and instance updates: !lemdroid@lemdro.id

💬Matrix Chat

💬Telegram channels / chats

📰Our communities below

Rules

Stay on topic: All posts should be related to the Android OS or ecosystem.
No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to !askandroid@lemdro.id.
Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to !androidmemes@lemdro.id.
No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.
No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.
No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.
No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.
No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.
No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!
No affiliate links: Posting affiliate links is not allowed.

Quick Links

Our Communities

Lemmy App List

See thread

Chat and More

founded 2 years ago

MODERATORS

ijeff@lemdro.id

ladfrombrad@lemdro.id

Paradox@lemdro.id

multimoon@lemdro.id

mikestevens@lemdro.id

Devgard@lemmy.world

limerod@reddthat.com

Netrunner@lemdro.id