I have written an application that locks android phone remotely. That is when a special code is sent from server then application locks the phone based on the special code. This is the code I am using.
if (!mDPM.isAdminActive(mDeviceAdminSample)) {
// try to become active – must happen here in this activity, to get result
Intent intent = new Intent(DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN);
intent.putExtra(DevicePolicyManager.EXTRA_DEVICE_ADMIN,mDeviceAdminSample);
intent.putExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION,"Admin is added to do security operation.");
startActivityForResult(intent, 0);
} else {
// Already is a device administrator, can do security operations now.
mDPM.lockNow();
}
The above code is working and it's locking the phone.
I am able to unlock the phone by entering password from soft keypad. Is there any way to unlock it through code?
My question is how to unlock the phone through code.(This unlocking should be done remotely in the manner I explained for locking)
I believe you cannot override the built-in screen-lock unless you make your own device like Samsung and HTC do. However, by having your customers use your own screen-lock-like app you probably can achieve what you are trying to do.
I do not think your remote unlock goal is achievable.
The way Android is set up, is that many apps may have Device Administrator privilege, and any Device Administrator can issue a lock command, but the unlock has to come from the user.
I can suggest one thing you to simplify this: Your app could try to remove the key lock password, and then the user can use the device without a code simply by sliding a finger on the screen.
Now there is a snag in what I suggested, if your app is not the only device administrator. In that case, some other administrator app could set a minimum password length (or some other password restriction) which would prevent your app from clearing the screen lock password.
If your goal is to help a user that forgot his/her screen lock password, then your server could invent a new password, inform the user what the new password is, and also send the new password to your app and your app could apply the password. The user can then unlock the phone. Do not worry, it is not as complicated as it sounds.
Sorry to write that - There is no way to unlock phone from code. If you find any way to do that - no warranty to work. So there is no way to remote unlock, writing custom lock screens, etc.
You need to use mDPM.resetPassword("", 0)
http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String, int)
When set password string as "", current password is replaced with empty values & screen lock disappears.
try this
KeyguardManager manager = (KeyguardManager)context.getSystemService(KEYGUARD_SERVICE);
kl = manager.newKeyguardLock("my-remote-app");
kl.disableKeyguard();
//for reenabling keyguard on exit (if you need)
onDestroy() {
kl.reenableKeyguard();
}
this works <=ICS.
This is a deprecated api, they suggested you to use the flags from WindowManager for similar effect. Although I failed to generate the similar effect using the WindowManger.
Hope this helps,
Please note that I'm not an Android developer, but:
If you look at this, it looks like you can ask the WindowManager to dismiss the key guard if you have the right permission, even if you're in "secure lock" mode.
As per my knowledge, we cant unlock password protected phone programatically.
One solution would be to write a "custom lockscreen".
Sure, it's not the easiest way, but it would work as you can do everything you want with your own lockscreen.
If you are considering that solution, feel free to contact me, I'll give you some useful links.
Cheers!
Related
Im trying to develop an app which has a few security options, and for one of those options I need to able to know if the device is locked with any kind password(numbers,pattern,etc) so I started reading the android documentation and found two KeyguardManager methods, isDeivceLocked() and isDeviceSecured() however I don't really see much of a difference in the description, so what really is the difference between the two? thanks in advance
The official API states the difference, though it might be a bit confusing. The key difference is whether you want to know the general configuration of the device, or its current state.
So isDeviceLocked() returns true if the device is currently locked behind some kind of password or identification mechanism, which is required in order to unlock and use the device. It returns false in case that the device is currently open and in use, or that it just doesn't require any password/identification in order to open it. (reference and more details may be found here)
On the other hand, isDeviceSecure() returns true if the device has been configured to use any kind of password or identification mechanism - even if it's not currently required in order to use the device.
In case you wonder what scenario might cause isDeviceSecure to return true, while isDeviceLocked returns false: it might happen whenever the device in in use (after the lock password has already been entered). Another scenario might be when the device has Smart Unlock (or trusted devices) configured, so that currently it wouldn't ask for a password or any other kind of identification in order to open/unlock itself.
How do we retain the seamless fingerprint unlocking effect after using DevicePolicyManager to perform lockNow() in Android 6.0?
Assuming on devices with fingerprint scanner and the app calling lockNow() has "USES_POLICY_FORCE_LOCK" and had been granted Device Administrator status.
This is the documentation for the lockNow() function:
public void lockNow ()
Make the device lock immediately, as if the lock screen timeout has expired at the point of this call.
The calling device admin must have requested USES_POLICY_FORCE_LOCK to be able to call this method; if it has not, a security exception will be thrown.
Gaining Device Administrator status and performing lock just fine. For sake of reference, see this SO question for the approach I used.
The problem is after the phone locks, the fingerprint scanner no longer smoothly unlocks the phone. Instead, the fingerprint scanner prompts me to input the fallback PIN code. Is there something new I have to do in Android 6.0 in order to retain the fingerprint unlocking effect after performing a lockNow() call?
I have looked at all the DevicePolicyManager flags (in the documentation) and it seems to be offering disabling of things rather than enabling of things.
Thanks!
Looks like Google has marked it Working as Intended without any proper explanation.
https://code.google.com/p/android/issues/detail?id=79735#c110
and also here
https://code.google.com/p/android/issues/detail?id=191955#c23
So we currently we have no way of locking the screen programmatically while keeping smart lock working. They also say that "developers are using it incorrectly". Not sure if they are joking or serious.
EDIT : some unsatisfactory explanation here https://code.google.com/p/android/issues/detail?id=79735#c115
As mentioned in this link: https://code.google.com/p/android/issues/detail?id=79735, this seems to be a problem with smart lock, and not just the google imprint (fingerprint scanner).
If you can rely on root privileges you can probably use: PowerManager.goToSleep(0);
Without root privileges it looks like there is no better solution as of today.
After achieving device ownership, I am trying to implement a method to instruct the device to lock any given app into kiosk mode (or screen pinning mode). Since I have device ownership, the user is not asked for the permission to do so.
From the developer website, brief description tells me that it is possible to do what I am trying:
http://developer.android.com/about/versions/android-5.0.html#ScreenPinning
Programmatically: To activate screen pinning programmatically, call
startLockTask() from your app. If the requesting app is not a device
owner, the user is prompted for confirmation. A device owner app can
call the setLockTaskPackages() method to enable apps to be pinnable
without the user confirmation step.
This indicates that as a device owner app, I can pin other apps without user confirmation... but I have no idea how to.
I have been able to put my own app into pinned mode.
Any help would be appreciated.
The setLockTaskPackages() is used the specify which applications (through their package names) will be able to programmatically be pinned without user confirmation.
The setLockTaskPackages() is called from your device owner app (most probably in your DeviceAdminReceiver's onEnabled() method).
So, in you owner device app, you'll have something like :
mDPM.setLockTaskPackages("com.foo.myapp");
and then, in your "com.foo.myapp" application, you will be autorized to call :
startLockTask();
Your application will immediately enter the Pinning mode, without any user confirmation.
If you don't first register your application with setLockTaskPackages, the application will be pinned but the user will have to confirm first.
Also notice that when an app is registered with setLockTaskPackages(), it has some different behaviours than the manual pin:
the user cannot unpin manually the application by long-pressing Back + Recent Apps. You'll have to programmatically unpin your app with stopLockTask();
The "Home" and "Recent Apps" buttons are invisible (not displayed)
When the app is unpinned (via stopLockTask()), the user will directly go back to Home : no Screen lock is displayed, even if a Keyguard is set (Pattern, code, or whatever Keyguard screen).
I've not enough reputation for a comment, just would point out that for devices with physical buttons (like the Samsung Galaxy Tab A mentioned by #chairman) one way for manage the forced unpinning of your application is to implement in your DeviceAdminReceiver class the following:
#Override public void onLockTaskModeExiting(Context context, Intent
intent)
So if your user want to for the unpin you can always re-pinning your app ;)
Here's a code snippet that should get you going:
DevicePolicyManager myDevicePolicyManager = (DevicePolicyManager) getSystemService(Context.DEVICE_POLICY_SERVICE);
mDeviceAdminSample = new ComponentName(this, DeviceAdminSample.class);
if (myDevicePolicyManager.isDeviceOwnerApp(this.getPackageName())) {
// Device owner
String[] packages = {this.getPackageName()};
myDevicePolicyManager.setLockTaskPackages(mDeviceAdminSample, packages);
} else {
// Not a device owner - prompt user or show error
}
if (myDevicePolicyManager.isLockTaskPermitted(this.getPackageName())) {
// Lock allowed
startLockTask();
} else {
// Lock not allowed - show error or something useful here
}
I am making a Utility app for my galaxy nexus. I want to reboot my tablet in safe mode.
I tried to look in PowerManager
PowerManager p = (PowerManager) getSystemService(POWER_SERVICE);
p.reboot(reason);
It seems this will not reboot the device in safe mode. Is it possible to reboot the device programmatically? How?
Basically there are two known ways to enter Safe Mode:
Android detects a problem with a newly installed app and force-closes it while entering into Safe Mode.
A combination of key presses at power application;
I doubt there's yet another way of doing it. If there was, most recoveries and power menus of Custom ROMS would have included that.
The string passed to reboot() is a kernel param, and would have effect only if device's kernel has that option. You can try some options here.
UPDATE:
Safe Mode is toggle is inside PackageManagerService of Android's system server ("package" service):
public void enterSafeMode() {
enforceSystemOrRoot("Only the system can request entering safe mode");
if (!mSystemReady) {
mSafeMode = true;
}
}
and here are some points about using it from any APP :
Process executing this code must be System or have Root previleges
This is an internal service and off-limits to any outside code. Though, some system classes indeed get implementation stubs (IPackageManager) of this service.
The mode change can only be useful when system is yet to be ready.
Let's suppose your app does turn on safe mode some how, due to safe mode being enabled, it won't be around to turn it off. Unless its a system app, built into ROM.
A third way to enter safe mode (available sometime after GingerBread 2.3.5)
With device fully powered up, Press power button, and the LONG press on the power off menu item. An option appears to go into safe mode. Because of this, there may now be a way to programmaticaly enter safe mode. Sure hope so to help troubleshoot. i am going from memory on a lifehacker article which referenced yet another source.
I'm developing a security enhancement android application. There is a need to lock the android phone, hence using Device admin and it works fine.
But, when setting a password, i'm in need of using Intents or i'm navigated to in-built UI screens to enter password.
Intent intent = new Intent(DevicePolicyManager.ACTION_SET_NEW_PASSWORD);
startActivity(intent);
Is there any way to set password without using default screens / without UI ?
Kindly help me..
DevicePolicyManager DPM = (DevicePolicyManager) getSystemService(Context.DEVICE_POLICY_SERVICE);
String pw = "abcd123";
DPM.resetPassword(pw, DevicePolicyManager.RESET_PASSWORD_REQUIRE_ENTRY);
Not sure this is what you need but it's how I set passwords for the user.
No - and the reason for this is that from Google's perspective (your requirements may vary, but you're in the minority) the user should always have a chance to know the password for their device. Allowing an application, even as a Device Policy Manager, to change the password without user input could lock a user out of the device they might need to function without them understanding why, which is a very poor UX design. You can reset the user's password, or, as you've already noted, launch the screens to help them change their password but that's the best you're going to be able to manage without a custom build of the OS.