Warning: This module can NOT protect you from targeted attacks and forensics. You may need more security methods to deal with a complicated threat model.
AlternativeUnlockXposed
Unlock your Android phone with an alternative PIN. (Xposed, Root)
This app provides an reliable way to run something when providing a specific, wrong PIN on your Android lock screen.
Unlike Duress, this app uses Xposed Framework so you can also unlock your phone with a wrong PIN, preventing some social engineering vulunability😇 And by the way it also works before your first unlock after reboot.
Feature
- Alternative PIN to unlock phone
- Run command on alternative PIN, with root
- Easy to use user interface
- Material You design
Currently tested on:
- Android 14 (arm64)
- Android 13 (x86_64)
- Android 12 (x64_64)
- Android 11 (arm64, LOS 18.1)
Currently NOT working on:
- Android <= 10
It should also work on other architectures .
HowToUse
- Install Magisk
- Install LSPosed
- Install this module
- Activate this module in LSPosed settings (It automatically enables for SystemUI)
- Launch AlternativeUnlockXposed, allow superuser access, set your primary password and alternative password
- (optional) Setup what to do when entered the alternative PIN: change action to sudo, and set your command.
e.g. :
for i in `pm list packages | grep -i -E 'telegram|sagernet|twitter|discord|tinder' | cut -d : -f 2` ; do pm disable $i; done - Test your unlock after click "Restart SystemUI"
Pro tip: You can use some automation software to make it easier to customize your commands ! just use a command like
am broadcast -a safety.intent.testand catch the intent in your favorite app, it could be extended to do some stuff like take a picture, record audio, send a email, etc. like Automate . Note this kind of software can't work before unlock, so just make it an addition to your commands separated with a;.
If you are using this software, please consider to give it a star ⭐ on Github so we can know how many people are using it, since it doesn't contain any kind of tracking code.
Download
Roadmap
- [x] Support PIN unlock
- [x] Run custom command on alternative PIN
- [x] User interface
- [ ] Run different commands on multiple fake password
- [ ] Support more lockscreen modes
- [ ] Zygisk version (?)
- [ ] Require authentication for settings activity
- [ ] Option to hide the app from launcher
(I don't need it because I use SmartLauncher)
Screenshots
How does it work ?
When the fake password is provided, this module detects the input and replaces it with the real password. As a result, both the fake and real passwords can unlock the device, regardless of whether it is the first unlock or not.
Furthermore, since the fake password will be replaced with the real one, the fake password can also successfully decrypt the phone after a reboot.
Credit
- Duress (for this idea)
- Google Bard (for app icon)