What are the Device lock and Security code?

Jolla Care -

With the help of this article, you will learn how to set up a Security code to your device and what the device lock means.

 

CONTENTS

1 About the Device lock

1.1 Security code

2 Turning on the Device lock

2.1 Activation of the Device lock

2.2 Configuration of the Device lock

3 Functions that require the Security code to use them

4 How to disable the Device lock

5 Quick locking and unlocking

6 Permanently locked devices

 

 



1. About the Device lock

The Device lock has two main purposes:

  • It can be set to prevent using the touch display and thereby the whole device (i.e. it acts as a screen lock) 
  • It prevents using a number of sensitive device functions. The correct Security code must be typed
  • It can be extended with the encryption of user data (from Sailfish OS version 3.3.0 onwards on all Xperia devices).

One of the most common settings is to have your device prompt for the Security code every time you try to navigate further from the Lock screen. The Security code is needed for other purposes, too, as explained in chapter 3. It is also possible to select such a configuration that using the touch screen does not require the code (i.e. the screen lock is OFF) while the sensitive functions (see chapter 3) are protected and do require the Security code.

There is no way to recover any data from a device that is locked up with a Security code. This is because the purpose of the code is to deny all access to data on the device unless the correct code is entered. There are no extra secret codes or the like, opening backdoors. Therefore, make sure you do not forget the Security code you set.

The Device lock of Sailfish OS is off by default (i.e., it is off after installing Sailfish OS and after performing the factory reset) and there is no default Security code in Sailfish OS.  If a Sailfish device is locked, somebody must have created a Security code in "Settings > Device lock" and thereby enabled the device lock.

Setting up the Security code during the initial startup of a device (following flashing or factory reset) has been possible (but optional) in Sailfish 3. With release 3.4.0 it will become mandatory to set up the Security code in the initial startup. This is because of the user data encryption and allowing to define more users for the device (shared phone).

The dialogue for typing the Security code to unlock the touch screen can be replaced with fingerprint recognition (see step c in chapter 2.2). This works on devices supporting this feature and having the fingerprint detector. Note that from Sailfish OS release 3.4.0 onwards the Security code must be typed when starting up a device (i.e., the fingerprint recognition is not available in this case).

 



1.1. Security code

The security code of Sailfish OS can contain numeric characters {0, 1, 2, 3,... 9} only. The minimum length of the code is 5 digits but we recommend a considerably longer code. The maximum is 42.

Please note that this same code is also used for the encryption of user data.



2. Turning on the Device lock



2.1. Activation of the Device lock

The device lock is activated either during the Startup wizard, i.e. the first startup of the device (after installing/flashing Sailfish to the device) or later in the menu page Settings > Device lock. On this page, you will first need to touch the item "Use security code" to turn the switch light on in front of it.

The activation is done so that you type the Security code of your choice (at least 5 digits but consider a longer one) once and then again for confirmation. There is no dedicated ON-switch. The device lock is active now, immediately.  You will need to type this code always when beginning to use the secured functions discussed later in this article. Please memorise your code!

Only if there is no switch light in front of the text "Use security code" then you know that no security code has been configured to this device.

 Secu1.jpg  Secu2.jpg  Secu4.jpg
 

Secu5.jpg  Secu6.jpg

The last picture above has the switch light on in front of the text "Use security code". Therefore, all the sensitive functions of chapter 3 are protected. Also, the touch screen becomes automatically locked (unless the option "Not in use" is chosen).

 



2.2. Configuration of the Device lock

The correct Security code must be typed in before changing any of the settings below.

a) Automatic locking

This item in the Settings means the touch display lock only (whereas the Security code is in effect for all of the functions of chapter 3 all the time, regardless of this setting of 'Automatic locking'). This time value defines how soon (or if not at all) the touch display lock goes on.

  • "No delay" means that the touch display is locked immediately after switching the display off (black screen) with a short press of the Power key or by tapping the lock symbol in the Top Menu. When you press the Power key shortly the next time, the black display will be replaced with the Lock Screen view of the picture below left. The two arrowheads guide you to swipe horizontally. By doing so the Security code dialogue appears.
  • "10 minutes", for instance, makes the display lock go on after 10 minutes from switching the display off, i.e. during the first 10 minutes the display can be turned on without typing the code
  • "Not in use" prevents the display from getting locked at all.
    NOTE that the Security code will be requested even with this option when attempting to perform certain protected actions with your phone (see chapter 3). Making this selection ("not in use") does not remove the Security code from your device!



 Lock_Screen.jpg  Secu7.jpg  Secu8.png

 

b) Show notifications when the device is locked

Notifications from various apps are shown on the display also when the Device lock is enabled.

c) Configuring the fingerprint recognition

This function requires the fingerprint detector on the device. Not all Sailfish OS devices have it (so this menu item is missing from devices that do not have it).

Fingerprint recognition can be used to unlock the screen lock (instead of typing the security code) and when going to add a new fingerprint. Sailfish OS does not support fingerprint recognition in other contexts (see chapter 3)

NOTE: If the user data of your phone has been encrypted (see this help article), the phone, while being turned on, will present the dialogue for entering the code to unlock the encryption. This code (which is the same Security code as for the Device lock) must always be typed, i.e., it cannot be bypassed with a fingerprint.

Adding a fingerprint

  • Type your security code
  • Start tapping your fingerprint on the detector until the fingerprint symbol becomes all white. Follow the on-screen instructions
  • It is possible to add several fingerprints (Fingerprint 1, Fingerprint 2, Fingerprint 3, etc.)

Finger1.png  Finger2.png  Finger3.png

Finger4.png  Finger5.png  Finger6b.png

Deleting a fingerprint

Tap-and-hold a "Fingerprint #n" item. Take 'Delete' from the pop-up menu.

d) Number of tries

One can decide how many times one can try different codes in the Security code dialogue. Consider the best value in case your phone is in wrong hands; also consider the case where you cannot recall the code yourself. The options are:

  • 4 to 50 times
  • Unlimited

e) Change security code

By tapping this button one can replace the current Security code with a new one.



3. Functions that require the Security code to use them

 

As explained in the previous chapter, Security code prevents the use of the touch display (and thereby the use of the whole device). It is also used to protect the use of the following functions:

  • Make changes to the Device lock settings (note: there is no specific button to accept the changed settings - another security code dialogue appears for the confirmation, instead)
  • Toggle certain items in Top Menu
  • Allow connections over USB cable
  • Sign in to a corporate MS Exchange account. Many service providers require that the Device Lock is in use to protect confidential information
  • Allow installation of untrusted software
  • Enable Developer mode
  • Set the password remote connections (SSH password)
  • Set the password for Internet sharing (WLAN hotspot)
  • Reset the phone to factory settings
  • Use the Recovery mode
  • Enable user data encryption (from OS release 3.3.0 onwards)

NOTE:  Even if you set your Automatic locking to "Not in use"  (affecting the touch screen lock), you will still be prompted to enter the Security code for the actions described above.

 



4. How to disable the Device lock

Device lock can be turned off in three ways (of which the 1st is the intended one):

1) Switch off the light in front of the item "Use security code" by tapping it. This requires that you type in the correct Security code.

NOTE: If the user data of your phone has been encrypted (see this help article - all Xperia devices are encrypted from Sailfish OS version 3.3.0 onwards), then this switch light is missing from your phone, i.e. you cannot disable the Security code.

2) Reset the device into factory settings. This requires that you type in the correct Security code.

3) Install ("flash") Sailfish OS to the device, again, or have it installed. Our instructions are in this help article.

 

 



5. Quick locking and unlocking

Please read this article about locking and unlocking the screen faster with the Power key.

 



6. Permanently locked devices

If your Jolla device is asking you for a security code you don't remember, or for a code you don't remember having configured with your device, there is nothing to be done at the moment.

If you are using an Xperia device then it is possible to unlock the device and eliminate the Security code by installing ("re-flashing") Sailfish OS to the device, again. This would, however, clear all data, apps and accounts from the device.

If you try to unlock the phone too many times with an incorrect code then the phone becomes permanently locked, it may be possible to unlock a permanently locked device using the Recovery Mode (help article for Jolla1 and for Jolla C).  The requirement is that the correct lock code is known.

 

Read chapters 1 and 2 in the Recovery Mode article and do as instructed in them. 

Jolla Phone (Jolla 1)

NOTE: This method does not, unfortunately, work anymore with Sailfish 3.

Take option "#4 Shell"  in the menu. Allow it continue by typing 'Y'. Type in your security code. Perform the following commands (copy/paste the commands from here to the Telnet terminal):

mount /dev/mmcblk0p28 /mnt
printf `date -u +%s`0 > /mnt/usr/share/lipstick/.devicelock.time

Jolla C or Aqua Fish

NOTE: This method does not, unfortunately, work anymore with Sailfish 3.

Take option "#3 Shell".  Allow it continue by typing 'Y'. Type in your security code. Type "Exit", then take option "#6 Exit".  This should have unlocked the device. If not, the commands below would do it.

mount /dev/mapper/sailfish-root /mnt
sed -i "/nemo\\\devicelock\\\maximum_attempts=/c\nemo\\\devicelock\\\maximum_attempts=-1" /mnt/usr/share/lipstick/devicelock/devicelock_settings.conf

All Jolla devices

Take this process to the end as follows:  Disconnect the USB cable from your Sailfish device and detach the battery. Then insert the battery and restart the device. Enter the security code when requested.

 

Have more questions? Submit a request
Powered by Zendesk