Mobile devices such as smartphones and tablets store sensitive data. For example, a mobile device may store financial information such as bank account numbers which belong to the owner of the mobile device. As another example, a smartphone may store business secrets within emails and other documents which belong to a corporation for which the owner of the mobile device works.
A conventional approach to controlling access to sensitive data on a mobile device involves requiring the owner to enter a password when the mobile device emerges from a “sleep” or a “power off” state. The owner enters into the mobile device a password known only to the owner, and the mobile device stores the password in memory. The password is not erased until the owner changes it. The owner must know the password in order to make any changes to it.
In some situations, the owner grants a trusted party the right to restore the password through either knowledge of the password or an ability to reset the device. In this situation, the conventional approach allows the trusted party to access sensitive data in the event that the owner forgets the password.