I don't understand why Apple and Google don't just use biometrics as a second factor, like GrapheneOS does. When you first start up, you have to enter your real long and complicated password, and then every time you unlock it after that, a short PIN + your fingerprint is enough. If you enter the PIN incorrectly too many times or hold your finger on it at the wrong angle, it locks and you have to use the real password. There is also a duress password. If you enter this instead of the real PIN, all data is deleted. This means that even if someone threatens you and tries to force you to cooperate, you can prevent the device from being unlocked.
No comments yet.