At least in the US, afaik, the PIN lock is the only method police can't get past easily (they likely still can, but still). If you use your face or your finger to unlock your phone, they can and will just hold you down and get into your phone.
Explain Like I'm Five
Simplifying Complexity, One Answer at a Time!
A friend showed me his once where he has 2 separate accounts or something loaded at once. If he uses his face or regular finger/thumb it loads safe mode, and if he uses his left pinky or something it opens the real mode.
Maybe that would help?
This is well into paranoia territory. Anyone who is willing to either tail you until you have a medical episode or otherwise force the medical episode will have no trouble accessing your phone via more conventional means (kidnap + torture).
If you really want to protect against this "risk", either use a non-standard finger, or don't use biometrics at all.
And if you are likely to have a medical episode, either use your phone's built-in ICE (in case of emergency) feature, wear one of those medical alert bands, or write the ICE numbers on your phone case.
In the US the police will not wait. If they want in, they'll claim you are hindering and arrest you for it. It's innocuous and worse stuff like a traffic stop or a stop-and-frisk moment.
Password instead of pin/visual pin/fingerprint/face id. That is it. Nobody can break in without a backdoor.
At the US border, if you refuse to unlock your phone you are immediately put into custody. All this bullshit is surprisingly ineffective with a gun pointed at your head.
GrapheneOS has a panic PIN you can set up that, when entered, fully wipes the phone. You lose whatever was on it but that is the best "defense" I have seen so far.
Edit: not sure how thorough the wipe is but it would likely prevent access except through forensics.
Turn off biometrics and use a password. Problem solved.
Biometrics, authentication, and security don't go together. You're trying to shore up something that is fundamentally insecure. As you say, it's convenient.
The simplest solution right now is to use a pin code instead (this would just be for your phone unlock, you can still use bio for app locks). It's inconvenient at first but you'll get used to it. After that, you can look into changing the OS if you want more privacy, if you can unlock the bootloader. Lineage is a good choice, and it looks like e/os is available for some Samsung phones. There's already been a recommendation for GrapheneOS but that's only available for Google Pixels for now.
I'd recommend starting slow if you're willing to wait. Switch to a pin lock, try out FOSS alternatives with fdroid, start looking into alternatives for major accounts like Google, etc. It's a lot and easy to get overwhelmed if you go all in at once. I spent 4 years switching everything over to FOSS and privacy focused options. The best time to start was yesterday, the second best time is today.
Unlocking the bootloader makes your phone more vulnerable if you do not lock the bootloader after you install a different OS.
https://community.e.foundation/t/locking-the-bootloader-after-installation/68474
https://xdaforums.com/t/guide-to-lock-bootloader-while-using-rooted-grapheneos-magisk-root.4510295/
Also, root does increase your attack surface; however, it enables some convenience for security profiles, so make sure you have a use case for it.
https://ssd.eff.org/ is a good collection of privacy best practices.
Use a pin code or a pattern. If you're concerned about privacy, then handing tech companies your fingerprint isn't very wise to begin with.
The problem with pins/patterns is that someone could tail you until they see you use it, which for me wouldn't take long. With the expansion of the surveillance state, the secret police would only have to tail you through security cameras for a day or two before you unlock your phone within shot of one.
There is no silver bullet that can make it impenetrable, other than not using a phone. If you're a high value target, keep anything incriminating in some E2EE vault or service like proton, cryptpad.fr, crypt.ee etc. Really just keep any of it off your phone. If you're entering your passwords using a password manager with biometrics, the creds can't be captured by watching you type. Most people don't need to worry about this level of security or paranoia, and if they ever did, should just use a dumb phone and faraday bag than try to outsmart big brother.
Some ROMs have an option to move the number positions when you input a PIN. A decent protection from someone watching you key it.
Depending on your phone OS, iOS supports disabling biometrics if one repeatedly clicks the lock button. But this only narrows the attack surface, and relies on you having the wherewithal to recognize a situation when this needs to be done, or even being in a situation where you’d be able to.
Not sure if this is Samsung or Android, but one can enable lockdown mode and trigger it through power options (hold power/lock button).
Be careful: repeatedly pressing the lock button on many new phones will auto-dial 911.
Would facial recognition meet your risk tolerance? That generally requires your eyes to be open, which is at least harder to get around, compared to someone using your finger to unlock while you are unconscious.
Ultimately, you need to figure out your threat model and which risks you are willing to tolerate in the name of convenience.
If any possibility of someone using your biometrics to access your phone against your will is unacceptable, then a PIN is a better solution.
One could implement a finger-based PIN code where numbers 0-9 map to unique fingers. Maybe that could somehow work?
GrapheneOS
He cannot use it, as he stated he's on a Samsung phone and Graphene is only installable on Pixels.
GrapheneOS is only available on select Pixel phones that have the hardware security components that the OS requires. This mainly includes the Titan M chip, which serves as a root of trust that manages: