Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 7 subscribers
  • Views 10594 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

avoid duplicate password entry on restart

Michael Peters

when I restart my Android phone, I have to enter a 4-digit code for the device itself, and then another (I use the same) 4-digit code on swiping because Sophos wants that.

Is it possible to configure Sophos so that a fingerprint is sufficient on restart? entering the same 4-digit code twice on restart is somehow ... stupid.

 

-Michael



This thread was automatically locked due to age.
  • 0

    I think you will find the first code on restarting is to decrypt the phone so it can boot up. the second is your normal screen lock code, they are often the same I do not think these can be changed from SMC.

     

    John

  • 0 in reply to JohnCabra

    thx John ...

     

    yes, you rephrased my question: the Sophos screen lock functionality requires entering the code on restart, the thumb scan is not sufficient then even if I can unlock the screen with my thumb later on. Is there a way to configure it so that the thumb scan is sufficient on restart as well so I don't have to enter two codes on restart? I really see no reason for this and it is a nuisance.

     

    -Michael

  • 0 in reply to Michael Peters

    Hi,

    unfortunately no, text below on encrypting an Android device

    Note that even with a fingerprint reader, you can’t use a fingerprint to unlock a device on first boot—you’ll have to put in the password, PIN, or pattern. After the device has been decrypted with the correct security unlocking method, the fingerprint reader can be used to unlock the screen moving forward.

    However in security on some devices you can turn off the requirement for the boot up pin, however this does make your device less secure.

    to do this turn off the pin and then turn it back on you should get an option not to require the boot pin (I do not think this would be good though but it is your data :-) )

    John

  • 0 in reply to JohnCabra

    thx John ...

    hmm ... before I installed Sophos, I didn't have a screen lock. When I booted the device I had to enter the pin, and then the device was open.

    Now with Sophos, I have a screen lock with a pin (I used the same as the device pin) OR a thumb scan.

    The rule that the first screen lock, after boot, has to be unlocked not with the thumb scan but with the pin that I entered into Sophos seems to be a Sophos thing, not an Android thing. It says something like (I have a German version) "enter a PIN instead of the thumb scan after reboot, to protect the thumb scan" (whatever that means).

    If it is a Sophos thing, it should be configurable, no?  or does Sophos simply trigger system functions?

     

    -Michael

  • 0 in reply to Michael Peters

    I suspect you have a rule in SMC calling for encryption (we do) or it could be enforced by your mail server.

    If you encrypt you have to have a pin to de-crypt

    Sorry cannot think of a way round it

     

    John

Unfiltered HTML