1. Home
  2. Android for Work
  3. How to securely bypass Factory Reset Protection for Android devices using Hexnode MDM

How to securely bypass Factory Reset Protection for Android devices using Hexnode MDM

Google Factory reset protection is a feature that is enabled by default on your phone or tablet running Android version 5.1 or above to prevent others from using it if it gets reset to factory settings without your permission. If an unauthorized person tries to reset the device, the device would still require log-in using the previously configured Google username and password. This means that if your device is lost or stolen, another person would not be able to reset it and use it.

Note:


Factory Reset Protection can be applied only to devices (Android version 5.1 and up) enrolled as Device Owner in Android in the Enterprise (AfW) program.


However, this feature, despite being very useful, can cause some serious problems and put people in a situation in which they need to bypass Google account verification, so they can use the phone. Once enabled, FRP only allows a user with a Google account password to factory reset and activate the device. With enterprises, this is very inconvenient since company provided devices lock into an employee’s Google account. If the employee were to leave the company, then the device becomes unusable as a company asset. With Hexnode MDM, you can add a G Suite email id and google+ profile ID to log in to your devices to bypass FRP in situations where you forget/don’t know the previously configured google account credentials.

What is Factory Reset Protection?

Data protection, or Factory Reset Protection (FRP), is a security feature on Android devices with Lollipop 5.1 and higher. Once FRP is activated, it prevents use of a device after a factory data reset, until you log in using a Google username and password previously set up on the device. When you perform a Factory Data Reset, all settings are returned to the factory default settings. All data is erased, including files and downloaded apps. If you have a Google Account set up on the device, FRP is active. This means that after the reset, you’ll be required to log in to the Google Account using the username and password. If you have multiple Google Accounts set up on the device, you can log in using any of the accounts.

Note:


FRP will become active only if you set up a google account on your device before it gets erased.

Enable Google Factory Reset Protection using Hexnode MDM

To enable FRP,

  1. Login to your Hexnode portal.
  2. Navigate to Policies.
  3. Select an existing policy or create a new one by clicking on New Policy.
  4. From Android, select Advanced Restrictions and click on Configure.
  5. Go to Factory Reset Protection (Google Account Verification).
  6. There are three options in the drop-down list:
    • Default: If this option is selected, the default settings on the device will work.
    • Enable Factory Reset Protection: Select this option to enable Factory Reset Protection.
    • Disable Factory Reset Protection: You can disable Factory Reset Protection by selecting this option. When this option is selected, user can skip the Google account verification step during the set-up process.

    Choose Enable Factory Reset Protection.

  7. Add a G-suite account and Google+ profile id to sign in to your devices in situations where you forget/don’t know the previously configured google account credentials.

How to find your Google Account ID?

Google Account ID refers to the 21-digit ID of your Google Account.

Here is how you can find it!

  1. Click on this link.
  2. Under Request parameters, enter people/me under resourceName and metadata under personFields.
  3. Click on Execute.
  4. Login using your Google account.

The 21-digit ID corresponding to id under application/json is your Google Account ID.


Google ID

How to associate the policy to a device?

If the policy is not saved

  1. Go to policy targets > Click on Add devices.
  2. Select the device to which the policy is to be associated > Click OK.
  3. Save the policy.

If the policy is already saved

  1. Check the required policy from policies tab.
  2. Click on Manage > Associate targets.
  3. Select the device > Associate.

Factory reset protection

Warning:

Factory Reset Protection won’t work if the device wipe is authorized (if you perform a device wipe from Settings > Factory data reset). In such cases you may be able to skip Google account verification during the set-up process.

To securely bypass Factory Reset Protection using Hexnode MDM

If you forget or don’t know the credentials of the google account configured on the device before reset, Hexnode provides you options to securely bypass the account verification step during the initial set up process. Use the credentials of the G Suite account or Google plus profile id added on the policy you have configured to bypass FRP.

  •  
  •  
  •  
  •  
  •  

Was this article helpful?

Related Articles

Leave a Comment