@GrapheneOS thank you for that feature. IMO this is the best after MTE.
2-factor fingerprint unlock feature is now fully implemented
In my case, I could now choose a much longer main password. This now only has to be entered at the beginning, after which I am still very well set up quickly and securely with a 6-digit code and the fingerprint. After 4 hours without use, the device goes into BFU mode or switches back to the main password. It's more than perfect for my needs!
Sad I cannot use it with privacy screen protection no matter how many times I enroll my fingerprints.
(Pixel 6a)
Is there someone with a P9, using privacy screen protection, using the 2FA? I believe the P9 uses an ultrasonic fingerprint sensor instead of an optical one, right?
For those who find it troublesome, I enabled this one day ago and now have already got used to it, surprisingly.
Give it a try!
rclemmer We considered it but it's more complex to support it so we decided not to do it.
NetRunner88 Pixel 9 uses an ultrasonic reader which should work better with screen protectors that are properly compatible with it but not all of them are compatible. Blocking visual light spectrum doesn't imply blocking ultrasonic but it's not implied that screen protectors with that privacy feature will avoid making it significantly worse or breaking it.
Yah, it's finally here. Proper 2FA is now possible.
And now for the complaints.
Is it possible to have the PIN entry screen appear regardless of whether or not the fingerprint is valid?
Or in the alternative require that the PIN be provided before the fingerprint?
Because right now, a hostile party could force your finger onto the scanner and establish that your fingerprint is programmed into the device. Even without the PIN or access this can be very valuable information; if nothing else it can tie device ownership/access to you.
Ideally, I would like the fingerprint to serve as the enter key for the PIN and the only result that is provided is the device unlocks or not. I have doubts that this is possible without Google's access to the secure element though.
I don't understand the purpose of this because when I used this I can still unlock the phone using only PIN.
I looked forward to this for more convenient shoulder surfing protection. It takes me a long time to type the PIN when the digits are scrambled, but fingerprint + regular PIN would solve this.
However, when I set this up it accepts only my PIN, so for this use case the feature is pointless.
Or did I do something wrong?
beatriz I don't understand the purpose of this because when I used this I can still unlock the phone using only PIN.
Is this the method used for the first unlocking?
beatriz I looked forward to this for more convenient shoulder surfing protection. It takes me a long time to type the PIN when the digits are scrambled, but fingerprint + regular PIN would solve this.
However, when I set this up it accepts only my PIN, so for this use case the feature is pointless.
The advantage of this feature is that you can easily use a strong passphrase as the primary unlock method, e.g. between 4 and 12 words depending on your threat model, then use the fingerprint plus a 4 or 6-digit PIN for secondary unlock, which is the method you'll use most often and is much more convenient, so the passphrase is only required for primary unlocking.
Supported devices have a robust security element that is very difficult to exploit, which is why a simple 6-digit PIN provides secure encryption, unlike other Android devices. But we also know that it's only a matter of time before the security element is exploited by attackers. There are currently no exploits for the Titan M2, but Cellebrite has managed to exploit the Titan M1, so the Titan M1 can be exploited by attackers. A strong passphrase as the method for the first unlock allows you not to trust the secure element if you wish.
I love this feature!
So far after using it for a few hours I can say that I do have some suggestions:
1. Optional auto accept (same as regular PIN, no need to press enter to unlock - it automatically submits after you enter enough digits). I know that this isn't as secure (revealing the length of your PIN), but it should be an opt-in option for those who want it.
2. Small bug: there is no vibration once you scan your fingerprint and the keypad pops up - it's useful when typing your PIN from muscle memory without looking at the screen or while hiding the screen from others (and yourself too)
3. Some sort of icon at the top of the screen, different vibration pattern (see #2) or another easier (than text above the keypad which sometimes doesn't even show up) way to distinguish which PIN (if you also have a [longer] PIN set as your main unlock method) you should type in
The last 2 are a bit lower priority, but they would be very nice to have!
JollyRancher cool idea, but that would require changing the layout of the PIN entry screen because the fingerprint scanner is directly under one of the numbers, and that would add a lot of extra work.
Ammako
Realistically, the best I am hoping for is that they can make the order Pin > Fingerprint instead of Fingerprint > Pin.
That would prevent testing the fingerprint until after the pin has been successfully entered.
JollyRancher Realistically, the best I am hoping for is that they can make the order Pin > Fingerprint instead of Fingerprint > Pin.
https://github.com/GrapheneOS/os-issue-tracker/issues/4599
GGORG Small bug: there is no vibration once you scan your fingerprint and the keypad pops up - it's useful when typing your PIN from muscle memory without looking at the screen or while hiding the screen from others (and yourself too)
I've set this up, but I've found an anomaly I don't think should be happening. When I go to unlock, I'm first required to provide my fingerprint; once complete I am then presented with a screen asking for my PIN which is headed 'Enter second factor PIN'. Great, it works!!
The problem is that I can swipe up on the fingerprint screen and without providing a fingerprint I can get to a screen requesting 'Enter pin' and by entering my PIN I can access my device.
Am I missing something, but surely the latter shouldn't be possible? Thanks.
custardbomb That's because you've set a PIN both for main unlock method and for 2nd factor for your fingerprint. The solution is probably better suited for setting a strong (diceware) password as main unlock and PIN only for second factor for fingerprint.
This is amazing work! Thank you! While people are throwing wish list stuff out there, having the ability to use location or network based (WiFi network) rules for when 2FA is in force would be a dream.
Connected to a trusted home network or at a trusted location? 2FA is disabled. Anywhere else or WiFi off? 2FA is enabled.
custardbomb don't reuse the same PIN.
Any chance there could be an option to increase the amount of failed fingerprint attempts before forcing the main passphrase, when using 2FA PIN? Because the optical fingerprint that us peasants without a 9 series have to use is kind of trash. It's been less than a day and I've already been locked out of fingerprint unlock because it refuses to recognize my fingerprint too many times in a row.
Following others' advice online, I've registered the same finger 4 separate times, to maximize the amount of data points available and minimize the chances that it would fail to recognize my print, and still it failed enough times in a row to force main passphrase. Which is not a good thing if you were hoping to avoid having to ever enter the main passphrase outside of your home.
It makes sense to limit the amount of failed fingerprint attempts to guard against bruteforcing, when the fingerprint is the only thing preventing access to the device, but when you have a 2FA PIN, throttling the fingerprint isn't really necessary, as long as PIN attempts after it are throttled.
This is a very good feature that I'd love to use, and many others too, but when the fingerprint reader is so unreliable, it just isn't practical. If the fingerprint throttling could be relaxed or removed, that should solve this problem without sacrificing security too much.
According to GOS, what is the best unlocking method for combating forcible entry?
PIN without fingerprint or password + fingerprint and 2FA
Unless both methods are good?
What you're describing isn't at all normal unless you're using a screen protector. If you have a screen protector, that's the problem.
Don't register it multiple times. Delete the existing ones, register it once and use it repeatedly after the initial registration while moving around your finger to help train it better. Using it more will train it better. Having it registered multiple times will mean only one gets selected and updated each time you unlock which will make it much worse in the long run. It's a short term hack making it worse in the long run.
We plan to make the attempt limit configurable but your experience doesn't match the experience of the vast majority of users without screen protectors. Screen protectors are a huge issue for fingerprint unlock, particularly optical and particularly if they're those privacy screen protectors reducing viewing angle.