Auto-unlock PIN with Android 14 - how secure is it?

MoonshineMidnight

So I updated my GOS 6a to Android 14. Already use a 6 digit PIN for this new feature as it is needed. Auto-unlock allows you to just enter your 6 digit PIN to unlock as opposed to also having to then hit the arrow button on bottom right to unlock your phone. It actually makes it a lot faster.

However, articles online keep saying "Google warns that auto-unlocking is "“slightly less secure”". I searched everywhere as to why this is "slightly less secure". Can't find anything. Maybe with Cellebrite or GrayKey? Anybody have any ideas?

B0B42

MoonshineMidnight I would like to use auto-unlock but I can't find the setting, searched for auto and pin in settings but nothing, am I blind?

N1b

B0B42 Settings -> Security -> Gear at top right next to "Screen Lock" -> Auto-confirm unlock

MoonshineMidnight However, articles online keep saying "Google warns that auto-unlocking is "“slightly less secure”". I searched everywhere as to why this is "slightly less secure". Can't find anything. Maybe with Cellebrite or GrayKey? Anybody have any ideas?

I think it is not worse when it comes to (in)security. 6 digits are not secure if it wasn't for the secure element, which throttles the input waiting time drastically. If the attacker can bypass this, it's insecure no matter if you auto-confirm your pin or not (and vice versa it's secure with the secure element in place).

What bugs me is that the lock screen reveals that I use a 6 digit pin with auto-confirm (and only 6 digit pins) which is totally unnecessary transparency for an attacker. But the security ramifications again depend on the secure element.

MoonshineMidnight

N1b You can use more than a 6 digit pin with auto unlock. It just requires at least 6 digits. While most average phone users out there will not understand what this is, it's a good thing if it gets average users to move up from a 4 digit pin. Then, most use fingerprint anyway. I have an Android only Pixel where I use fingerprint, but for my GOS Pixel it is a 6 digit pin.

B0B42

N1b Settings -> Security -> Gear at top right next to "Screen Lock" -> Auto-confirm unlock

In the gear there is no auto-unlock, why not for me?

N1b

MoonshineMidnight I unfortunately don't understand your comment. Yes you can use more than 6 digits, but you were asking about security concerns for a 6 digit pin with vs without auto-unlock. And my linked thread is about the weirdness of Android 14 showing preview dots, but only when you have a 6 digit pin with auto-unlock (not at any other number of digits and not with auto-unlock turned off), but if you want to discuss that further, let's move to the respective thread. :)

Skyway

B0B42 you need to have a 6 + digit pin for this to be an option .

B0B42

Skyway Thanks!
Will change that immediately.

matchboxbananasynergy

For what it's worth, GrapheneOS has disabled this being the default:

https://github.com/GrapheneOS/grapheneos.org/commit/a7e23087ccf7ead80fafea4c0758a3d417257780