Different passwords with multiple users

Hello,

I use GrapheneOS with two users:

1/ Owner user when I start the phone (long password)
2/ Second user when I use the phone (short password for easy unlock)

The phone uses file-based encryption, OK.
If my second user takes a photo, for example, is the photo encrypted with the master key of the owner user or of the second user?
My real question is: is it easier to decrypt my files if my second user has a short password?
(for example, dumping the full disk and brute-forcing)

Thanks


    Mael

    Mael my second user takes a photo, for example, is the photo encrypted with the master key of the owner user or of the second user?

    The second (see https://grapheneos.org/faq#encryption).

    My real question is: is it easier to decrypt my files if my second user has a short password?
    (for example, dumping the full disk and brute-forcing)

    Yes. Depending on your exact threat model, maybe not all that much easier. But yes.

    Thanks.

    So if I want secure encryption, I need a long password for my second user.
    Is there an app like SnooperStopper (old) for GrapheneOS?

    SnooperStopper allows you to have different device encryption password than screen unlock pattern/PIN/password. You can have strong device encryption password (which you only need to enter once after booting your device) but simple pattern/PIN/password for unlocking your screen.

    https://github.com/xmikos/SnooperStopper

      Mael oooo that SnooperStopper is a good idea. Could this be a feature implemented into GrapheneOS?

      treequell

      Yes, I have this option enabled, but if someone dumps the disk (static analysis), my encryption is less secure.

      The real problem is that for unlocking the phone, a long passphrase is very boring :/

        Mael
        The way user data is encrypted is somewhat complicated; it doesn't just depend on your PIN/password. Significantly, decrypting requires a Weaver token that is held in the Titan HSM, and its release requires your PIN/password.
        The Titan has brute forcing protection which increasingly delays the frequency with which access to the token can be attempted.

        Dumping the disk and attempting to brute force decryption won't work, as decryption depends not only on your PIN/password, but on multiple strong secrets (keys/tokens) held securely in the phone's hardware.

        https://grapheneos.org/faq#encryption

          dazinism thanks for the info. What do you think of the SnooperStopper app? I think it sounds like a good idea, but I'm worried about giving an app special access

            @dazinism
            Thanks.
            If I understand, a simple password with 8 numbers, for example, is hard to decrypt (with Titan M).
            How can I know the strength (hard, very hard, very very hard)?

            @L8437
            In the past, I used this app, and yes, different passwords for user and lock is cool.
            I think this app doesn't work with GrapheneOS.

            a year later

            Hello,

            1/ There is still no solution or application to have a different password between boot and lock?

            2/ How long should the password be to have very good security (digit with Titan)?

            Thanks


              Mael There is still no solution or application to have a different password between boot and lock?

              Not yet, but there is some recent activity on issue #28.

              Mael How long should the password be to have very good security (digit with Titan)?

              Fundamentally, longer is better, and different people are concerned about different threats. Some people are worried about a randomly stolen phone, but others are worried about nation-state actors with supercomputers -- those threats are very different.

              OK, thanks. How secure is a 10-digit password (Titan)?
