During the set up process for WPA2-Enterprise networks, Android phones or tablets may require the user to set a screen lock depending on the network settings. Having spent years trying to improve the quality and experience of secure wireless, this is a frustrating issue for us and we hope this answers many of the questions some might have.
Why is my phone making me set a screen lock?
Some networks running WPA2-Enterprise are set up to store a digital certificate on your device. The digital certificate is a key that will validate the network you connect to, protecting you from copycat or “evil-twin” networks that might try to steal your information. Certificates are also used for VPN or firewall access to prove the identity of the server on the other side of the connection.
Certificates are a very powerful security feature used across modern computer systems. However, Android alone chooses to encrypt their certificate store, requiring all users to set a password before installing any certificates. When installing them onto your device, the operating system will prompt you to choose a screen lock that meets minimum criteria.
While this is a secure setup, it is silly not to give users the choice whether to encrypt their own phone. It is especially silly that any certificate requires the device to be locked, even certificates with “public keys” accessible to everyone.
How do I disable a lock screen?
When connecting to a WPA2-Enterprise, a certificate is not always necessary. Check with your administrator and see if there are alternative options. Though you should note that a certificate is just as much to your benefit as it is to theirs; connections without them will be less secure.
If you no longer need to connect to the network and want to disable the screen lock, you may need to clear your credential storage first. On your Android device, got to Settings > Security then click on Clear Certificates near the bottom. You should now be able to disable any screen lock. However, you may no longer have access to secure communication channels like wireless or VPN.
Please note: if you disable your PIN after configuring your device, you may experience connectivity or security issues with your network.
Alternatives to disabling lock screen.
- Before disabling the lock screen, consider first changing how often you are prompted. Instead of being prompted every time you turn on the screen, you can set it only to lock after 30 minutes of activity. Third party apps like this one can extend that time by hours or even days.
- Although Android requires a screen lock, it does not necessarily have to be a PIN or password. Pattern locks should also be acceptable, as well as some third party locks such as fingerprinting or other biometrics.
- There are also third party apps that will let you hide or “suppress” the lock screen. You will still need to set a password or pin, but these apps will bypass the lock screen while they are running. An example is No Lock.