Apologies If I can’t list specific 3rd Android OS here. I know you can’t on some reddit privacy subs due to some beef between devs I guess. I’ll take down if needed :)

Regardless, Ive been running GOS for a while and just found out theres a feature that allows you to use biometrics while still requiring your pin on the initial lock screen. One of my concerns with biometrics is that in some jurisdictions, law enforcement can force someone to open their phone through face ID or thumb print.

I’ve been using this feature that allows you to use biometrics but when you are on the lock screen, it still requires your pin. I thought this was really cool because it allows me to use biometrics only to unlock my apps while still adding an extra layer of protection to the unlocking of the device itself. Obviously slightly Inconvenient depending on your worries/threat level, but I just wanted to share this in case anyone else was interested and didnt know about it! Very cool!

EDIT: I just re-read my screenshot and it looks like fingerprint unlock is not correlated to using fingerprint for app unlocking. If this is the case then I’m not quite sure what the actual benefits are here. Please feel free to clarify!

11431

  • ashaman2007@lemm.ee
    link
    fedilink
    arrow-up
    5
    ·
    edit-2
    2 hours ago

    FYI, for folks currently using a normal PIN and looking to use this, it’s intended that the 2nd factor PIN at least be different than the main unlock PIN. Otherwise you can just swipe up to dismiss the fingerprint prompt and get to the main PIN prompt; if its the same as your 2nd factor, that’s pointless.

    I was told on the Graphene matrix channel that the most secure configuration for this is:

    Main unlock method: 6 word diceware password

    Secondary unlock method: biometric + 6 character 2nd factor PIN

    Be aware that if you use this config that you will be prompted for the main unlock method (long password) at reboot, and also every 48 hours.

    • JackAttack@lemmy.dbzer0.comOP
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      6 hours ago

      Thanks for sharing! This also kind of clears up my confusion that I mentioned I’m the EDIT at the end of my post. I was wondering what the real benefit to this is but it seems like a password as the main with the pin and bio as the secondary seems to provide:

      • Main unlock: More. Secure with password?

      *Secondary unlock: “quicker” but also secure due to the pin with the bio.

      Is this more or else the right idea?