• General
  • Different passwords with multiple users

Thanks.

So If i want a secure encryption, I need a long password for my second user.
There are an app like SnooperStopper (old) for GrapheneOS ?

SnooperStopper allows you to have different device encryption password than screen unlock pattern/PIN/password. You can have strong device encryption password (which you only need to enter once after booting your device) but simple pattern/PIN/password for unlocking your screen.

https://github.com/xmikos/SnooperStopper

    Mael oooo that snooper stopper is a good idea. Could this be a feature implemented into grapheneos?

    treequell

    Yes, I have this option enabled, but if someone dump the disk (static analysis), my encryption is less secure.

    The real problem is for unlock the phone, a long passphrase is very boring :/

      Mael
      The way user data is encrypted is somewhat complicated, it doesnt just depend on your PIN/password. Significantly, decrypting requires a Weaver token that is held in the Titan HSM and its release requires your PIN/password.
      The Titan has brute forcing protection which increasingly delays the frequency with which access to the token can be attempted.

      Dumping the disk and attempting to brute force decryption wont work as decryption depends, not only on your PIN/password, but on multiple strong secrets (keys/tokens) held securely in the phones hardware.

      https://grapheneos.org/faq#encryption

        dazinism thanks for the info. What do you think of the SnooperStopper app? I think it sounds like a good idea , but I'm worried about giving an app special access

          @dazinism
          Thanks.
          If I understand, a simple password with 8 numbers for example is hard to decrypt (with Titan M).
          How to known the force (hard, very hard, very very hard ?) ?

          @L8437
          In the past, I used this app, and yes, different passwords for user and lock is cool.
          I think this app doesn't work with GrapheneOs.

          a year later

          Hello,

          1/ There is still no solution or application to have a different password between boot and lock?

          2/ How long should the password be to have very good security (digit with Titan) ?

          Thanks

          • de0u replied to this.

            Mael There is still no solution or application to have a different password between boot and lock?

            Not yet, but there is some recent activity on issue #28.

            Mael How long should the password be to have very good security (digit with Titan) ?

            Fundamentally, longer is better, and different people are concerned about different threats. Some people are worried about a randomly stolen phone, but others are worried about nation-state actors with supercomputers -- those threats are very different.

            Ok thanks, how secure is a 10-digit password (titan)?

            • de0u replied to this.