Click to Skip Ad
Closing in...

Hack makes it possible to factory reset any Samsung phone without a password

Published Aug 12th, 2016 8:00PM EDT
Galaxy S7 Note 7 Factory Reset Protection
Image: Zach Epstein, BGR

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Android has a factory reset protection feature that’s supposed to prevent anyone from using a lost or stolen device without proper authentication. But hackers always seem to find ways of preventing  the feature from working properly – in this case, they’ve found a way to circumvent the factory reset protection.

DON’T MISS: The iPhone 7 is going to be so much more exciting than you think

A brand new video on YouTube channel RootJunky shows us that the factory reset protection can be bypassed on Samsung devices, including the Galaxy Note 7 and the Galaxy S7 series. The method works on older devices as well.

While this might be a security oversight from Samsung — one that will probably be patched in the future — the method isn’t simple, so it’s not like Samsung could have easily seen this coming. Here’s how it works, as explained by Android Police (emphasis ours):

After confirming that the FRP is activated in the bootloader, he reboots the phone, connects it to WiFi, then connects it to a computer. The next step is downloading a program from his site that allows him to send a fake call to the phone. Once the call comes in, he hits “Create contact”, scrolls all the way down in the contact creation list, and clicks the “SCAN BUSINESS CARD” option. That opens a prompt to download the business card scanning app on Galaxy Apps. From there, it’s a matter of downloading a file manager after signing into a Samsung account, which lets him get to an app he created that essentially acts as a shortcut to a Google sign-in screen. There, he hits the three-dot menu on the top right that permits him to open a web page to sign in through. After this, he signs into a new Google account, reboots the device, goes through the setup process once again, and voila! The S7 is able to be used normally again.

Try explaining that to a friend. Simple, no? Also, you would need those special apps to fake a call and to sign into a new Google account during the process.

As you can see, this isn’t really the kind of hack Android device makers can foresee, and it takes a lot of effort to come up with such hacks. Watch the video below to understand it better.

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.