Nuttso, I appreciate what you are doing, but I see better alternatives with GOS functionality. There are other e2e apps I would like to secure that are not secured on my 6a if the main PIN for my Pixel is hacked - particularly in AFU, which is more exploitable than BFU. In particular two e2e emails, two robust e2e notes apps that sync with my other devices, and another e2e messenger on top of Signal. Now, I have a 10 digit PIN on my Pixel and auto restart set for 8 hours (I could change that to 4 hours if I go to a higher threat model) to put my phone in the BFU state if for some crazy reason the cops or a hacker take it. If the cops take it, they have to process the phone while keeping the phone on and plugged in, using a Faraday room (so I or someone else cannot remotely wipe the phone), waiting for their forensics people (a medium sized police department will have 1-3 cops trained in using Cellebrite/GrayKey, and if that does not work and it is serious enough they bring in FBI forensics) to come in and examine the phone. The expectation is that the phone will auto restart before they get to it and will not be able to be cracked, as it has auto-restarted and entered the extremely secure BFU state with a 10 digit phone PIN.
Now, I don't really feel I need this security with my threat model, but what I would do with a higher threat model is put my main profile with all the apps I regularly use (including the aforesaid e2e email, e2e messenger and e2e note apps) in a user profile to be BFU secure. When you stop using your phone, you "end session" in the user profile - which puts it in the BFU state with a 10 digit PIN. I could then switch my phone security to an easy to use fingerprint, along with a 10 digit PIN on my user profile, which used to be my main profile. I would just have to remember to "end session" every time I stop using that user profile, but it would kill many birds with one stone by encrypting all my sensitive e2e apps and other regularly used apps in the most secure way possible with BFU, as opposed to just Signal in my primary profile by switching to Molly. I do want to confirm with others that I am correct about how what I described works?
I like what you are doing, but if I decide to increase my threat model, what I have described seems to me to be the most sensible/user friendly way to highly secure many apps. In BFU you eliminate certain exploits, and an attacker is left with brute force. That is not going to happen with a 10 digit PIN and Weaver throttling. And to @"Nuttso" - does Molly use throttling?
Another question for the forum/GOS developers. I would hope and assume user profile PINs use Weaver throttling just like the phone PIN? A random 10 digit PIN is very secure on its own without throttling, but throttling is also nice to have.