From two-factor authentication codes to conversations and photos, our phones contain a ton of sensitive data these days. We rely on PINs and biometrics for daily security, but I shudder to think what would happen if that data landed in the wrong hands. And while Android is secure enough against remote attacks and malware these days, what if I’m forced to unlock my phone and hand it over? GrapheneOS, the privacy-focused Android fork, offers a rare solution to this hypothetical: the ability to set a duress PIN or secondary password that wipes your device clean and leaves no trace of your presence.
I’ve had a duress PIN set up on my phone for a while now. While it’s not something I hope to ever need, knowing it’s there gives me peace of mind. And even though I don’t think Google will add a feature as extreme as this one to stock Android, I can definitely see a use-case for a less extreme implementation. Here’s why.