2-factor fingerprint unlock feature is now fully implemented

GrapheneOS

Thanks for the response! I understand your point about the 5 failed attempt limit, but in practice (as a GOS user myself), you can do 3 failed attempts, press the standby button, and then do another 3 failed attempts before the device forces you to use your PIN or passphrase.

This effectively allows 6 failed attempts in total, which has been the existing behavior in GrapheneOS. My suggestion is that the new 2FA PIN feature could be enhanced by making it configurable as a fallback after a cumulative number of failed attempts (e.g., after 3). This would allow users with lower threat models to avoid having to always use both fingerprint and the 2FA PIN for every unlock, while still maintaining robust security protections. And those who wish to always have the 2FA PIN could still do that.

Would love to hear thoughts on whether this could be implemented as part of the new 2FA system or what your views on that are. I do not see it defeating the purpose entirely as you describe it.

Carlos-Anso I definitely agree with you that this feature is valuable! There is no debating that.

I was merely suggesting another middle ground option for those who have a lower threat model that could be implemented within this new feature. :)

Can we have the PIN confirm auto?

0289380427 +1 for auto PIN confirm. The numpad opens only after a successful finger print read.

Been using this feature for the past week, love it GrapheneOS team, thank you!

0289380427 If I correctly understand "PIN confirm auto", I'd guess it would weaken the security of the PIN. Forcing the entry of "end of line" seems much more exacting.

Please don't do this.

(I suppose the auto PIN confirm could be made a configurable option - at the cost of complexity)

I think there is a bug with the 2fa when I end the secondary profile session and the owner profile lockscreen shows first a fingerprint icon but it doesn't respond to touch. It does that every time I switch back to owner profile. I have to turn the screen off and on first and then it asks for a password. P7 2024123000 stable

NetRunner88 I have a Pixel 7 ( IIRC tried 2 different mfg screen protectors ) and just could not make it work at all. The Pixel 7 I tried over and over again with numerous fingers and my other hand and it just doesn't work with me. So I researched the Pixel 8 and 9. The Pixel 9 was on sale and also had great trade in values a few weeks ago and I really wanted the fingerprint option. The Pixel 9 works very well.

0289380427 if I understand the question correctly, the project account already answered here: https://discuss.grapheneos.org/d/18585-2-factor-fingerprint-unlock-feature-is-now-fully-implemented/46

Carlos-Anso Right, we had carried out tests on a door lock with a fingerprint. The matching fingerprints were directly around the lock. :)

r_dac What is the primary unlock? Is it a passphrase or a PIN?

de0u Primary is a passphrase.

I have the screen timeout set to 30 seconds, and its set to lock 5 seconds after that.

I tried "unlocking" in this 5 second buffer when the screen is off. Tapping anywhere on the black screen will immediately spring it back to life (as expected). If I instead happen to use my fingerprint on the sensor, the same thing occurs, but it shows the fingerprint animation (white light under the sensor location) , which makes it appear as though it accepted my fingerprint and "unlocked" but in reality its just waking the device back up before it locks in that 5 second window.

It's possible that this is what I've observed on these 4 occassions - I catch the device in that 5 second buffer where the screen is off, but it hasnt locked itself yet. When I go to "unlock" my phone with fingerprint as is muscle memory, it simply wakes the device back up, while making it appear as though it accepted a finger print in the process.

With this behaviour in mind, I'll keep a close eye on it to confirm if there are any instances of true unlock without a PIN.

r_dac With this behaviour in mind, I'll keep a close eye on it to confirm if there are any instances of true unlock without a PIN.

Thanks for that update. Hopefully that will turn out to explain what you have observed.

r_dac It's possible that this is what I've observed on these 4 occassions - I catch the device in that 5 second buffer where the screen is off

We are aware of this and that is exactly what is happening. Its AOSP code that fires the FP sensor when the screen is off even when the device is not locked.

IIRC in this state you can also use the wrong finger, but it has to be rejected a few times before it 'lets you in'/turns the screen on. Can set a longer period after the screen times out before it locks if for some reason you want to more easily experience this behavior

It was the first thing I did after updating to this release, this new feature is amazing!

de0u

I've witnessed another 2 instances of 2FA unlock without PIN prompt, and I'm confident in these cases it was not the result of the screen timeout behavior noted above.

First instance today: Phone was locked and on change with a wall socket over night when I picked it up to check a stale notification this morning - 2FA worked as expected. However, when I went to unlock the phone again 2 hours later (still connected to wall plug) to dismiss an upcoming alarm, the PIN prompt failed to appear when presented with a fingerprint.

Second instance occured 5 mins later: While still plugged in, I received a notification and picked up and unlocked my phone to check it. Again, unlock occured with fingerprint only.

When I tried to replicate this a 3rd time, 2FA worked as expected

I'll report back if I see any more apparent instances 2FA-unlock without PIN prompt, with the hope of pinning down what might be triggering them.