I’m running Graphene on a Pixel 6. I lost it and someone opened it somehow and called two of my contacts to give it back.
I’m a bit confused how this even happened. When I got the phone back, they were going through my contacts. I checked app usage stats and they went through a banking app (not missing money), maps, signal, etc.
Is there a way to figure out how they even unlocked my phone?
If they were able to guess your pin, you should probably switch to a longer pin or a password. It seems insane at first to type a long password, but if you pick two long scientific words, its secure with only letters.
I use a password longer than the android limit (16 characters) since graphene allows longer; I use letters numbers and symbols. But I also use biometrics, because fuck typing that every time I need to open my phone. Allows for a very secure fresh (re)boot state, and with decent security when it has been unlocked at least once. I also use Locker, which (assuming it works, it’s a few years old now, luckily never had to see) lets you set a max number of unlock attempts before using admin privileges to wipe. And graphene lets you set a ‘time since last unlock’ auto-restart, to get that initial secure state back.
Probably overkill, but I have leos in the family and I have been harassed before several times over the years (often without any cause or merit), as a teenager and beyond, and I don’t trust anyone wearing a badge anymore. So ‘plan for the worst, hope for the best’ is my strategy.