I am wanting to encrypt my phone and SD card. I have been reading around about it all week and still don't understand a few things. I though that the encryption was like blackberry encryption, where you put the password in every time you turn the phone on to the screen lock. After a bit of reading, I understand that the "decryption" is only done at boot up by putting the password in once. After that, you have to put the same password in at the screen lock simply because of a limitation of Android not allowing two different passwords. I do know that there are new ways to use a different password on the screen lock, and even a pattern lock, that's not my issue.
Here are my questions....
- If the device is technically decrypted after boot up, is the screen lock the only security on the phone once it's turned on?
- Does the screen lock of an encrypted device have any stronger security than that of an unencrypted device? If not, it seems like the phone is just as vulnerable to data theft as an unencrypted device if someone steals it while it is turned on. I understand that it will encrypt again if they turn it off, but if it's on, what good is encryption?
- If someone pulls the SD card out (which is encrypted) they can't read it with a card reader, but if they put it back in the phone while it's still on, won't the decrypted phone just mount it again so they can read it from the phone?
- Finally, on a Blackberry, a wipe is performed by erasing the encryption key. This makes an almost instant wipe of the whole phone and SD card. I know an encrypted device has to be wiped the same as an unencrypted device, but is Android programmed in a way that the encryption key is wiped first, in case someone pulls a battery or forces a phone off during a wipe? I know that's far-fetched, just curious about how it works.
Not sure if it makes a difference, but I am using a Razr Maxx HD, rooted on OTA 4.1.1