Duress PIN thoughts

ShinRamen247

Hi all,

I had a quick test of the duress on the pixel 8. I noticed that you need to press the enter to start the process. If I may suggest would it be possible for the duress to be triggered once the Duress PIN or Password in inputted without the need to press enter? Just a thought...

Thank you to the GrapheneOS team. This feature is amazing. It just get better and better.

de0u

ShinRamen247 I had a quick test of the duress on the pixel 8. I noticed that you need to press the enter to start the process.

That is the same as entering a regular PIN/passphrase, right?

ShinRamen247 If I may suggest would it be possible for the duress to be triggered once the Duress PIN or Password in inputted without the need to press enter?

I suspect that would require a substantial restructuring of the PIN/passphrase code, which must be right, so a change like that would be high-risk.

matchboxbananasynergy

This can already be done by enabling "auto-confirm PIN" in your PIN options. We don't recommend doing that as it lowers security slightly compared to leaving it disabled, but the option exists. You should take care to make the actual PIN and duress PIN the same length if you enable that. If the actual PIN is for example 6 digits and the duress PIN is 8, then due to how auto-confirm PIN works, you won't be able to enter it.

ShinRamen247

Understood,
In the past my girlfiend wanted to check my phone and I wish there was a duress PIN. It would've saved my life!
So lets say that scenario was replayed, and the Duress Pin was eg 123123, all she need to do is enter that and its gone.
Otherwise she will be at it until she forces me to handover the password. Lesson learnt and I have behaved.

Another question if I may, would the duress pin be triggered if there was a brute force attempt?

Hb1hf

ShinRamen247 would the duress pin be triggered if there was a brute force attempt?

Ohhhh amazing question! If it is triggered by brute force, a short duress pin would be an interesting idea!

Murcielago

ShinRamen247

Another question if I may, would the duress pin be triggered if there was a brute force attempt?

If I understand this post correctly, unfortunately it looks like this is currently not possible:

Duress PIN/password is an OS feature without secure element support. An attacker successfully exploiting the OS can try the duress PIN/password without risking a wipe since they can control the OS. In theory, the secure element could implement duress PIN/password support by having a 2nd authentication token for each Weaver slot which wipes the Weaver token instead of providing it. There's no way for GrapheneOS to implement this without having our own hardware where we can add secure element features.

« Previous Page