Factory Reset Protection Nexus 6P

If you can tap on a screen and follow simple instructions, you too can “hack” into a Nexus device that, in theory, should be secured by Factory Reset Protection.

Back in March, we reported on how easy it was to bypass Factory Reset Protection using a simple exploit uncovered by RootJunky. The exploit, technically known as an “escalation of privilege” involved using various menus, search bars, and other features of the stock Android interface to reach the Settings menu. Once there, anyone could add a new Google account and factory reset the device. FRP completely failed to do its one job.

Since March, Google has patched that specific exploit, but as it turns out, RootJunky found a different workaround pretty fast.

The new exploit works on Nexus devices running Marshmallow or Android N, including Nexus 6P, Nexus 5X and Nexus 6, with the May security patch applied. (The patch that was just released earlier this week.)

As you can see from the video below, the new exploit involves more steps (including downloading and installing a special app), but it’s fair to say that anyone who has a basic knowledge of using Android can successfully bypass FRP in a few minutes.

What’s more worrying is the apparent ease with which RootJunky (and presumably other, less savory, characters from around the web) can render FRP useless. Not only that, but Google seems content to patch each exploit as it surfaces, without addressing the root issue, a year after this security-critical feature was first introduced.

Let us know your thoughts.

Bogdan Petrovan
Bogdan is the European Managing Editor of Android Authority. He loves tech, travel, and fantasy. He wishes he had more time for two of those things. Bogdan's phone is a Nexus 6P.
  • Robert Nasiadek

    This is getting really embarrassing for Google.

    • phatmanXXL

      Agreed. I think they should not be making services and products if they can’t even prevent such easy hacks.

      • BIRD BOLT

        wow. says you. what about all their other wonderful offerings. Can u like without google search? learn to understand that when a company gets that big, it becomes harder to efficiently cater to those little issues. grow up

  • yankeesusa

    Well, most phones, with physical access can be hacked. But the point of this frp is to make your phone a brick and make it less likely to be stolen and that’s obviously not going to work.

  • talon1812

    you don’t even have to do all that. Once you’re in the settings, go to apps and show system apps. From there, disable the setup wizard. No setting up another account. I did this with an LG V10 that I bought on E-bay.

  • Charles Sweeney


  • Rohit Nair

    Pardon Me but cant you still do a factory reset from the Bootloader? without going thru all this trouble?

    • Andree Lopez

      the reactivation lock will not go away with a hard reset… you need the google account link with it, thats why he did all that to change the gmail

  • phatmanXXL

    You won’t ever have this issue on iPhone.

    • SXE-EA17

      It’s easier than you think. Yet, unlike the op, I don’t like sharing such things. RJ should keep their stuff to themselves or maybe UG forums.

    • Jerry Rich

      Even the FBI can hack a iphone. You think they’re secure?

      • dvdlgh

        When did the FBI hack an iPhone? I remember the FBI saying they paid a third party to successfully hack an iPhone. That’s what they claim, anyways.

    • onstrike112

      You wouldn’t have that issue on a BlackBerry.

  • Cross Maou

    this is looking really bad for google….i mean that looked way to fucking easy……

  • Acaa Aca

    is this for nexus device only? how about oter OEMs?

  • Rican39

    Don’t work for the new security patch 7.0 on nexus 6p

  • SJShark

    So im trying this now and in the “Google Account Manager” there is no “type email and password” subsection. Just one that says “Error” and when that is selected with “Try”, It says “Couldnt sign in”. Was this fixed by Google? If so was another work-around discovered?