Just going to preface this by saying I’m not a security expert.
Phones have 2 encryptions states BFU (Before First Unlock) and AFU (After First Unlock). Self-explantory I think; when you login to your phone after putting in your password the first time, your phone will go into AFU state.
In BFU, almost everything is encrypted. In AFU if you dump the same data you will basically get a lot more information because some of the data is now decrypted. That’s basically why you can access notifications, change settings around from your lock screen when your phone has been unlocked once but not the first time after reboot.
As for why PIN – I’m not American but apparently in US you can be compelled by law to unlock your phone via fingerprint but law enforcement cannot force you to enter a PIN. More contributing factors: theoretically you can spoof biometrics more easily (I mean, people leave fingerprints everywhere), and one last thing is as a convenience factor it will help you to not forget your PIN (also why your phone will ask to re-enter your PIN every now and then)
Shouldn’t it be encrypted anytime it’s locked? Also, why the PIN and not my finger?
Just going to preface this by saying I’m not a security expert.
Phones have 2 encryptions states BFU (Before First Unlock) and AFU (After First Unlock). Self-explantory I think; when you login to your phone after putting in your password the first time, your phone will go into AFU state.
In BFU, almost everything is encrypted. In AFU if you dump the same data you will basically get a lot more information because some of the data is now decrypted. That’s basically why you can access notifications, change settings around from your lock screen when your phone has been unlocked once but not the first time after reboot.
As for why PIN – I’m not American but apparently in US you can be compelled by law to unlock your phone via fingerprint but law enforcement cannot force you to enter a PIN. More contributing factors: theoretically you can spoof biometrics more easily (I mean, people leave fingerprints everywhere), and one last thing is as a convenience factor it will help you to not forget your PIN (also why your phone will ask to re-enter your PIN every now and then)
Thanks. That’s very informative. All stuff I’d never thought about.