I encrypted my phone when I was using CM13. It was all good, until I decided to set a pattern screen lock.
Fun part: I forgot the pattern.
I rebooted to recovery, intended to wipe data, but was baffled when I saw the thing: the pattern has became the encryption key.
I tried flashing firmware with Heimdall, it boots properly but asks for the pattern.
How can I disable the encryption?
(SM-G900FQ)
Edit: solved. I wiped data with firmware recovery.
Related
Now, you can encrypt your device once only and still have the ability to backup/restore, upgrade or change to a different rom without losing encryption or re-encrypting your device. You can also get rid of screen lock pin/password, which is required by Google to have encryption.
As many of us may know, TWRP unlike CWM can deal with encrypted Data partition and internal storage. As such, if you encrypt your custom CM/AOSP based rom and subsequently enter recovery (TWRP only), you are asked for your password and then TWRP decrypts and mounts your encrypted Data, which allows you to upgrade the rom, install a different custom rom or backup your current rom while preserving encryption. What is interesting is that when you install a new rom (or reinstall the old one), you can get rid of screen lock password completely. In other words, your password is used only for encrypting/decrypting.
Now, a word of caution about short passwords. A 4-5 character pin/password defeats the purpose of encryption, since it takes about 4 minutes to break it. There are ways, however, to have separate passwords for encryption and screen lock or, as shown in this guide, get rid of screen lock password completely. Here is what you can do:
1. Have TWRP recovery (CWM does not work)
2. Encrypt your current data and internal storage (go to Security menu and choose encrypt; you will be forced to set encryption password, which will also be your screen lock password).
3. When you are done, turn the phone off and on to check that decryption/encryption works.
4. Next, install encryption password changer from fdroid:
https://f-droid.org/repository/browse/?fdfilter=encrypt&fdid=com.kibab.android.EncPassChanger or this one:
https://f-droid.org/repository/browse/?fdfilter=encrypt&fdid=org.nick.cryptfs.passwdmanager
5. Change your password to a strong and long one. Make a note of it, as if you forget it, you will have to reset your device in flashtool, meaning flashing stock et al, which is pain. You will only need your long password when you are turning your device on. You won't have to enter that or another password, when the device is running.
6. Next, you want to reinstall your current rom or install a new one. For that do:
7. Enter TWRP recovery, enter your password and your system/data/cards will be mounted. Reinstall your rom (install, not restore) or install a new one. Remember, the only thing you need in your new rom is TWRP recovery. Once you are done, reboot the device. You will have your new rom encrypted with no screen password. From that point and on, you can backup your rom (and do other things) that TWRP recovery allows.
Thanks for your guide.
I really tried to follow it to the end, but TWRP will not mount my internal storage. Neither with the original password nor after I changed it to a more complex one.
Unfortunately, I always end up with the "Password Failed, Please Try Again" error message.
Is there any way to make TWRP work with my encrypted internal storage?
[unnecessary background information] A while back I decided to encrypt my OnePlus 2 - mostly to compare its performance with my Nexus 6P, which is also (obviously) encrypted. Today I decided I was tired of Oxygen OS and wanted to install CM13 since Grarak had gotten the fingerprint scanner working properly. I went ahead and unlocked the bootloader, installed TWRP 3.0.0.2, and excitedly flashed the shiny new OS (without making a backup, like an idiot)[/]
After booting up into CM13 the system asks me for my encryption key (sure, whatever) and then I get this big screen that says "Decryption Unsuccessful....The password that you entered is correct but unfortunately your data is corrupt" and goes on to say that a factory reset will fix the problem and any lost data can be re-downloaded from the cloud. I said "great!" and hit the "reboot now" button that reboots back into TWRP, runs a short script, and sends me back to where I started (presumably not on purpose).
Now, I tried doing a full wipe of the entire device via TWRP, which sent me into a new panic mode when I couldn't manage to get any files to transfer over when I tried to send them over MTP - I finally went about using the ADB Sideload feature in TWRP to once again install the same (and a different) ROM all of which garnered the same result.
Finally, the point of the story: Is there a way for me to fully remove encryption from the system from within TWRP? If not, am I totally hosed or does someone have another idea? Frankly, I'd be happy to just have a booting phone at this point.
Thanks in advance!!
So following up on my own thread, I found the setting in TWRP that specifically allows you to erase the data partition (something that I thought I had done when I did a standard wipe and/or when I did the advanced wipe and specifically told it to wipe everything) and rebooted and it finally booted happily into Android. I'm not sure if this is a bug in TWRP or a bug in CM's script that is causing issues but something isn't quite right.
I've got an issue where I can't flash rom's in TWRP because the phone's been magically encrypted that can't be undone with any useful passwords. I've searched google for solutions and besides a wipe/reformat, it looks like all other alternatives have not been helpful. I've removed any passwords/pins, set new passwords/set a new pins, flashed different versions of TWRP and even tried "default_password" as a possibility but nothing seems to work. Has anyone else run into this and resolved without going to the nuclear option?
Btw, on a related note...if I reformat or wipe my phone in twrp, does that mean the entire SD is wiped clean of everything or is just the "data" such as personal folders, settings and apps removed?
Thanks in advance for everyone's help.
everything is wiped, like a clean flash. I had the same issue so I did the wipe, after that everything else worked fine. Also, removed encryption after first boot so this wont happen again
Try the navigator TWRP.
V6 (3.0.3) : https://docs.google.com/uc?id=0B9ZMWt4u_wSDVkp3UlMxS1liMUE&export=download
V7 (3.1.0) : https://mega.nz/#!YMojxQgI!Pa1kh_p2dRwTMdPPG-xEpCGeVdtqMvritlp8cH9zpp8
(MTP doesn't work on v7)
TheDethEgineer said:
everything is wiped, like a clean flash. I had the same issue so I did the wipe, after that everything else worked fine. Also, removed encryption after first boot so this wont happen again
Click to expand...
Click to collapse
Quick Question: after the full wipe, how did you remove the encryption? I'm rooted, TWRP installed, LineageOS installed, and everything is running fine, but i cant update/flash roms without a USB OTG cable and a flash drive at this point. Whenever i boot into recovery, it asks for a decryption password. I'm willing to wipe, i just dont know how to kill the encryption afterwards.
PurpleCowMan said:
Quick Question: after the full wipe, how did you remove the encryption? I'm rooted, TWRP installed, LineageOS installed, and everything is running fine, but i cant update/flash roms without a USB OTG cable and a flash drive at this point. Whenever i boot into recovery, it asks for a decryption password. I'm willing to wipe, i just dont know how to kill the encryption afterwards.
Click to expand...
Click to collapse
When you wipe it will delete everything including the encryption password
This has been extremely frustrating but I can't get any password to work when I try to decrypt this in recovery when it prompts for the password.
Where I'm at now:
I did a FULL wipe of my phone (System, Data, Internal Storage).
I installed Lineage 15.1 and GApps (minimal install) and did just the bare minimum to get into the system when it started up (no Wifi, no Google account setup, etc). I then immediately Encrypted the phone without setting any Security pin/pw/etc. I rebooted into recovery and the default password (which I googled was 'default_password') didn't work.
I then wiped everything again and repeated above and redid the same procedure, but this time I set a PIN for security, and then encrypted the phone. Rebooted into recovery and tried the PIN to decrypt - no go.
I'm at a loss on how to make recovery useful with an encrypted /data partition. I'm required by my company to encrypt my phone if I wish to use it for company email, etc, but I also like to upgrade ROMs, kernals, Magisk etc as well. This a complete showstopper for me if I have to do a complete format everytime I wish to upgrade components of the ROM/kernel/etc.
Anyone have any suggestions on how to get this working?
Hi,
I'm in the situation described here with my G950F not letting me in: I had Magisk installed, then flashed stock boot.img. Stock boot rejected my pattern to unlock encryption. I then reflashed the patched boot images I used before. Phone accepts my pattern but complains about an integrity issue and calls for a factory reset.
Any chance to go from here without data wipe?
Thank you