Have a look/test if your new phone is treble supported. If it’s coming with oreo or pie or q it will. Than you can use eOS pie GSI. The standard GSI will encrypt your phone at first boot.
2 Likes
Very simple nice 
I wanted to add something very important in what i learned : when someone still your phone double auth can become a nightmare.
I refused many times to set it on my accounts except for Gmail and maybe one or two others. Right now i can’t access GMAIL and these but i can’t imagine if i had trust this kind of protection on all my accounts.
And when i see that banks want to apply this process as main mean to protect accounts … better to never loose my phone 
I don’t know how a robber think but if I was one, I would take the time (I guess they have it) to look at the phone to find bank apps or a way to make money. And the fact there wasn’t any password won’t help. So consider they have looked at everything.
It’s true if the 2FA method is a number phone on a stolen SIM card.
If possible, I use the code generator method.
1 Like
I checked and it supports treble.
My phone is the Xiaomi Redmi Note 8, i saw that someone on lineage community made an unofficial rom but i’m not sure to install it because i don’t know the difference between lineage and /e/ about how Google Play alternative work (i really enjoyed the /e/ default store that let find much apps from play store)
You’re right i must think like they did it, that’s why i’m taking every accounts one by one and changing every passwords … it’s very long because i listed every accounts i have on internet and i must change them all (141 credentials with different passwords)
For 2FA i’m agree with you. Do you have one good alternative to this of Google ? Where do you securely store the recovery keys ?
Than have a look here.
But use standard GSI, not mine
1 Like
Use keepass2android. You can sync via ecloud and use on every pc OS to.
At least you have already listed them. I also have a complete list of my accounts and for each of them I can directly know which email address is used, if the account has my number phone, my name, my postal address. This way if I need to change one of these informations or the password, I can do it very quickly without forgetting a single account.
I don’t know what you are talking about but I use “Aegis”, an alternative to “Google Authenticator”.
I store my recovery keys (keys used to recover an account without the code from the 2FA method) in plain text on my external hard drive. But the hard drive is encrypted thanks to VeraCrypt.
1 Like
@harvey186 Thanks i will take a look on it 
@Anonyme Yes i was talking about Google Authenticator, i will try Aegis
Hi, you can get better protection if you use keepass2android using ykdroid and a yubikey hardwaretoken if your device supports nfc.
No easy way, but i use keepassxc on linux to fill my keepassfile and k2a to read it. you may handle it the other way round if your main device is your smartphone.
1 Like
@blackpoint I never heard about that FRP lock very interesting … and well done for your friend !
@bodo what can you o if you loose the yubikey or if its damaged by something ?
I use and recommend 2 Keys and a backup of the secret you generated and stored into the key. The YubiKey 5 NFC Works reliably with my Fairphone3 with /e/. I dont know if the cheaper Yubico Security Key NFC will work. The keys are robust and my 2nd is security against loosing my physical keyring.
1 Like
Hi @babydriver sorry to hear about the loss!
I think that something should be baked into /e/, via nextcloud, as @blackpoint mentioned… the option to restore all datas through external server. Of course, optional… /e/ is about privacy anyway.
@babydriver I would totally recommend using @harvey186’s GSI on your Mi8! It is a difficult install process but very rewarding.
Thanks for sharing the experience, bad as it was!
1 Like
You could also use something like Lookout to be able to remotely lock and/or wipe your handset if lost or stolen. It’s £20 a year. It also has other benefits, including app scanning, web safe browsing, wifi advice & privacy scanner.
NickP
1 Like
Hello everyone,
Firstly i want to say thank you again for your kind messages and good advices, i come here to bring you some interesting news and thoughts that i had with my current situation and how to handle with phone stealing after “the event”.
Some days after i opened this topic my girlfriend received some calls from the stealer using my old phone. To do this he used wifi and my the app that i used to send messages with my girlfriend as replacement to whatsapp : Signal.
Luckily because i recently installed a new ROM there was very few and not intersting data inside my phone, just three messages to my girlfriend and no photo but this was enough for the stealer to try things.
She took the call and she couldn’t understand anything, the guy seemed to be with many people talking at the same time, maybe the stealer was in a shop or in a crowd, but this fact confirmed that he took the time to take a look everywhere on the phone.
I changed every passwords but one security issue concern Apps using phone number authentification like whatsapp, because here i need my phone number to take contol back. For this, i conclude that ordering 2 sim cards for the same phone number can be a layer of security to have the time to lock this kind of accounts before blocking the line.
I told the police about that, i was angry because even if i brought them the IMEI the stealer was still able to use my phone many days after to use my messaging app throught wifi.
They told me that IMEI process can take much time (around 7 days), i told them that maybe they could try to track my phone if the stealer is using it but i think that i was talking to people living in the 90ies, …
Later my girlfriend received two phone calls from two different phone numbers, i was with her to listen and try to make the guy talk. It was a young guy, speaking with a weird accent, and trying to maybe i don’t know …having a date with my girlfriend like a teenager that was a little bit funny. I brought the numbers to the police, they did nothing … well they looked bored and they told me that most of the time stolen phone are sold in foreign country and that stealers use temporary sim card bought in little shops and that’s difficult to track them blablabla to me it just sounds like “we don’t have time and we don’t have means to do our job”.
I don’t understand why there is not a “cyber police” for this cases, … anyway …
I ordered my SIM card and i never received, i’m talking about that to share an other conclusion : choosing a good phone network provider (with efficient and easy-to-call assistance, stable financial situation, good network, good commercial assistance, special services and maybe other options to customize everything) is an other very important layer of security (the price is the worst criteria to choose a phone network provider, “never trust the price”, that’s what i learned here).
And a last thing : when i bought my xiaomi phone, the seller told me that xiaomi phone can easily run other custom ROM, but he didn’t told me that xiaomi add a security layer that involve to connect the phone with a xiaomi account and wait 7 days to get “the permission” unlock bootloader with their own software (i loved this so much i will never buy xiaomi products anymore, their official ROM is a personal data vaccum that’s terrible)
2 Likes
Thank you for your story 
Personally, I bought a second-hand Samsung Galaxy J5 2015 especially for /e/ (I didn’t know how to build /e/ for my device at this time) one year ago, but the next phone I will buy will be the PinePhone if /e/ is available on it and works great (no freeze or things like this).
I don’t want a phone without kill switches anymore, because even in Plane Mode H24 my EMEI could leak to cell towers, and my location would be known.
But that’s another topic 
2 Likes
If you will have a lot of Valium in your pockets, than PinePhone will be OK. It’s sooooo slow like Android Froyo devices
I use Locker which can be found in the App Store and FDroid. It let’s you set the number of failed pin entries before it wipes the phone. Also you could use Sophos which I think has a remote wipe feature via text message?
3 Likes
As you were all talking about encryption, I tried to encrypt my Samsung S5 Mini and Samsung A5 2017. Both were not able to startup /e/ subsequent to the encryption: The S5 mini was stuck in a reboot loop (Android startup was showing, then the /e/ logo, then again from the beginning. The A5 just startet TWRP.
Any ideas?
Sadly there are encryption issues on a lot of Samsung phones (with LineageOS too). From my experience, if you can’t access /e/, you have to format the data partition (to ext3 and then back to ext4 for instance) to boot on /e/ again.
1 Like