Our upcoming 2-factor fingerprint unlock will make using a strong passphrase as primary unlock method practical via fingerprint+PIN secondary unlock instead of fingerprint-only. Great for people who want to avoid relying on secure element throttling but don't want fp-only unlock.
GrapheneOS provides users with the ability to set a duress PIN/Password that will irreversibly wipe the device (along with any installed eSIMs) once entered anywhere where the device credentials are requested (on the lockscreen, along with any such prompt in the OS).
The wipe does not require a reboot and cannot be interrupted. It can be set up at Settings > Security > Duress Password in the owner profile. Both a duress PIN and password will need to be set to account for different profiles that may have different unlock methods.
Note that if the duress PIN/Password is the same as the actual unlock method, the actual unlock method always takes precedence, and therefore no wipe will occur.
It doesn't say anything. It shuts the device down almost instantly, and simulnateously wipes the encryption keys from the secure element, ensuring that the data stored on the SSD can't be decrypted.
Alternately, it could unlock the phone while also erasing specific parts of it, like message history and call logs, potentially replacing them with something you'd set up previously.
Edit: and obviously it would disable the duress pin and set the unlocking pin to it.
Depends on what you did! Say for example they're using Graphene to harass/paedophilia then they already have a copious amount of evidence on hand since they are there.
For organising peaceful protests that seems less of an issue and the other end of the chats is the weak link.
You're not wrong, but like the duress pin, it would be a nice feature to have. Not everyone would have to set a duress fingerprint, just the people who find value in it.