Wiping an Android Device

You can wipe (factory reset) a device in the Devices→Inventory by selecting it, clicking Execute on selected devices, and then Wipe device to factory settings. Unless disallowed in the user restriction policy, the device owner can also reset the device in the device itself, either in the Android menu or in the recovery mode at boot.

If the Factory Reset Protection (FRP) is enabled, wiping does not completely reset the device to "factory settings". The device will remain to be bound to the previous Google account and when it starts up, the new user is requested to login to that account. The purpose is to prevent reusing a stolen device, in a case where the device is wiped remotely or the thief wipes it from the recovery mode. In other cases, such as if the device is resold or reallocated to another person, the Google account must be removed before wiping or the protection will prevent reinstalling the device. If the account is not removed beforehand, the only way to solve the problem is to return the device to the previous owner, or ask for his or her user name and password to the Google account.

Factory Reset Protection is only activated if you wipe a device remotely or in the recovery mode at boot. Wiping a device from the Android settings manually also disconnects it from the Google account.

If the password of the Google account has been changed during the last 24 or 72 hours (depending on Android version), registering the device with the account will be locked down until the 24 or 72 hours passes. This is protection against cases, where a thief has acquired a device and hijacked the associated account by changing its password. If you manage to wipe the device remotely, the thief could bypass FRP using the new password for the stolen account.

Wiping a Lost or Stolen Device

Remotely wiping a lost or stolen device ensures that an unauthorised person, such as the person who stole it, can not access personal or company data or anything else in the device. In this case, Factory Reset Protection works as it should, by preventing the thief from reinstalling the device with another account. Same applies if the thief manages to wipe it by him or herself from the recovery menu at boot.

Wiping a Device for Other Reasons

If you wipe the device for other reasons, you first want to disable FRP. FRP not just requires the username and password of the Google account, but also prevents NFC provisioning. Therefore, in such case, you should either wipe the device manually or first remove the Google account before wiping.

Wiping a Device Manually

When you wipe a device manually from Android settings, also the account is disconnected from the device and FRP is deactivated.

1. Go to the Android settings
2. Select Backup & reset
3. Select Factory data reset
4. Click Reset device
5. Confirm by clicking Erase everything

Wiping a Device Otherwise

If you are, for example, reallocating a device to another person or need to wipe it for another reason, you first need to remove any Google accounts associated with the device before wiping it. This cannot be done remotely, but you or the device owner needs to do it manually.

Removing the Google account can be done as follows:

1. Go to the Android settings
2. Go to the Accounts section
3. Select the Google account
4. Click More
5. Select Remove account
6. A confirmation will be asked to remove the account.
   "Removing the account will delete all of its messages, contacts, and other data from the device. Continue?"
7. Click Remove account

You can now proceed to wipe the device remotely or otherwise.

References

• Factory Reset Protection: What You Need to Know by Jerry Hildenbrand, 2016.
• Help prevent others from using your device without permission by Google Help.
• Factory Reset Protection (FRP) Feature by Samsung.
• Don't Change Your Google Password Before Factory Resetting Your Android Phone - You Might Trip A 72-Hour Security Lockout by David Ruddock, 2015.