Is this implemented in Android L? I'm curious because I'm running CM 11 on an encrypted Android phone, and it offers an option in Settings->Security to change the encryption password and only the encryption password. Which I have successfully done. What's more, the encryption password remains distinct from my unlock PIN, even though I've changed the unlock PIN subsequent to resetting the encryption password.
I've seen some folks discuss the cryptfs workaround (i.e., here <http://nelenkov.blogspot.com/2012/08/changing-androids-disk-encryption.html>) for changing the encryption password, though what I've been able to learn about it suggests that subsequently changing the unlock password in stock Android -- at least as far back as 4.1 JB -- also changes the encryption password to the same value. That's clearly not happening in CM 11, so I wondered if it's changed in post-4.1 Android as well. (Though presumably this thread wouldn't exist if it had.) For whatever reason, I also find it strange that the implementation notes for Android FDE <http://source.android.com/tech/encryption/android_crypto_implementation.html> read as though they were written for its release in Honeycomb (as perhaps they were). Has nothing of significance in Android encryption really changed since then? On Wednesday, July 23, 2014 6:06:30 PM UTC-7, Adrian Draus wrote: > > I would also love to have possibility to set different passwords for boot > encryption and unlocking device. > It could be additional option in settings but in my opinion it should be > implemented already. > > W dniu sobota, 12 lipca 2014 07:35:21 UTC+2 użytkownik Kristian Hermansen > napisał: >> >> On Thursday, July 10, 2014 10:07:47 AM UTC-7, peter eckersley wrote: >>> >>> Alarmingly, I think the failure to fix this bug is probably going to >>> lead to some deaths if it hasn't already. Some users need secure >>> encryption, and they will be setting a long screen unlock password. And >>> although nobody should be using their phones while they drive, the reality >>> is that many people do. This means that there is a population of people >>> who are fumbling around entering 12+ character passwords while driving >>> around in traffic :( :( >>> >> >> I agree that this may become an issue. I also wonder what happens if >> Android starts supporting fingerprint unlock. It seems the two would need >> to remain segmented in that case, no? Or perhaps I don't know enough about >> Android "L". If it is the case that they won't work together, either this >> means that fingerprint unlock won't work with full-device encryption, or >> security conscious individuals such as ourselves will be forced to choose >> between one and the other. Doesn't seem like a great scenario... >> > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
