Flawed Android factory reset leaves crypto and login keys ripe for picking

Toggle sidebar Toggle sidebar
Clocks

Clocks

Well-known member
Aug 27, 2010
2,009
18
0
Visit site
Flawed Android factory reset leaves crypto and login keys ripe for picking | Ars Technica

TLDR:
Data is easy to recover from previously used phones even after a factory reset. Even if your device was encrypted all that is needed is the encryption password to regain access even after a factory reset. A short password can be cracked in a few hours.

The big takeaway is before you sell your phone:
1) encrypt the device with a very long password (11+ characters) of letters and numbers
2) then do a factory reset
 
B. Diddy

B. Diddy

Senior Ambassador
Moderator
Mar 9, 2012
165,594
4,737
113
Visit site
Thanks, good PSA. This whole issue is a big facepalm!:-\

It's worth pointing out that the study included only phones up to 4.3, so hopefully Kitkat and Lollipop are more secure.
 
You must log in or register to reply here.

Similar threads

R
Factory reset protection- HELP NEEDED AS DEVICE NOT RECOGNISING MY GOOGLE DETAILS
Replies
4
Views
2K
General Help and How To
B. Diddy
B. Diddy
Mooncatt
  • Sticky
Passwords, their importance, and why you should remember them.
Replies
32
Views
27K
Ambassador Guides, Tips & How-To's
winmod21
winmod21
M
DataVault Password Manager for Android Version 6
Replies
0
Views
2K
Android Apps
Marc Bolh
M
B
Can not Factory reset HTC M8
Replies
1
Views
4K
HTC One M8
B. Diddy
B. Diddy
A
  • Question
Can i do factory reset for my encrypted samsung note 3?
Replies
0
Views
822
Ask a Question
AC Question
A

Latest posts

Members online

Total: 2,025 (members: 8, guests: 2,017)

Trending Posts

Forum statistics

Threads
943,146
Messages
6,917,510
Members
3,158,843
Latest member
samyblaze

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom