Should I trust that the Android factory reset actually erases my data?



  • I bought a Galaxy S20 Fe, logged my LastPass in it and all of my accounts (google, twitter, etc).

    Now it has a malfunction and I'm going to have to send it back to get my money back.

    When I factory reset an Android, I presume that it zeroes the memory in the writable partition of Android. This would explain why it takes 30 minutes to do a wipe. Instead of simply marking the data as deleted, it actually deletes it.

    Can I trust the factory reset, or should I change the LastPass password + all passwords inside?



  • All android 7+ devices are enrolled with File Based Encryption (FBE) that encrypts /data partition from first boot. FBE keys are bound to TEE and user screen lock authentication. On factory reset, TEE clears stored keys and OS wipes the data. At this point, even if your screen lock password is known, it's not possible to decrypt recovered data.

    It would not take longer than few seconds to wipe the data. Secure erase is not needed as clearing FBE keys is enough. Your device might be taking time in restoring factory image.


    I use fingerprint unlocking, which means keys/password/secrets are stored somewhere.

    Secrets that are bound to in-app biometric authentication are encrypted by the key that is generated & stored in TEE. Apps can also import cryptographic keys in TEE. Unless biometric authentication succeeds which is verified by TEE, TEE doesn't release keys of the querying app. This protection ensures that even if a malicious app compromises other apps, it won't be able to steal secrets of those apps without user authentication.

    Apps that are storing secrets outside of TEE and not bound to user authentication are still protected by FBE. On app uninstall, associated keys of the app are deleted. On factory reset, TEE clears all keys.

    reset - This permission allows to reset Keystore to factory default, deleting all keys that are not vital to the functioning of the Android Operating system.


    Hardware-backed Keystore



Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2