EMUI 9 Review [Part 2]: Huawei/Honor’s Android Pie Software Packs a Ton of Useful Features Mistaken for Gimmicks
As you can guess by its name, Huawei Share is a feature designed to share the files on your phone with other devices. To be specific, Huawei Share lets you easily share the contents of your phone’s storage with any Windows or Mac PC. EMUI provides easy-to-follow instructions to connect your Windows or Mac PC to your phone. You can choose the name that shows up for computers on the local network and the username and password used to authenticate the connection to your phone. Once connected, your computer sees your phone as a network drive that you can seamlessly transfer files to and from.
The reason it works so well on any Windows or Mac PC is also its biggest flaw: It uses the SMBv1 protocol. Microsoft disabled SMBv1 in Windows 10 because it’s insecure, so to even use Huawei Share you have to intentionally enable an insecure feature. For that reason, I can’t recommend enabling Huawei Share. If you need to set up your phone for remote file access, I recommend you use a third-party app like FX File Explorer because it supports a newer SMB protocol.
For what it’s worth, Huawei Share isn’t only intended for sharing files over a local network. Huawei also promotes sharing files to nearby printers for quickly printing documents. Either Wi-Fi or Wi-Fi Direct are used to connect to a local printer, so there’s less of an issue with security. While Huawei Share does surface the print option in the share menu in a user-friendly manner, it doesn’t actually do anything that isn’t already natively supported in Android. Android 8.0 Oreo brought native support for printing to any Mopria-certified printer, while Android Pie introduced Wi-Fi Direct printing support. Unless Huawei offers some additional printing feature that I’m not aware of, the credit goes to the Mopria Alliance for bringing better printing to all Android users.
With so many data breaches every month, there’s a good chance that at least one of your account’s details have been compromised. Services like HaveIBeenPwned and Firefox Monitor can alert you if any of your accounts show up in a recent data breach, but you’re better off taking preemptive action to secure your accounts. Enabling two-factor authentication or using a hardware token are the best ways to protect your accounts since it adds an extra layer of security on top of your password, but until password-less access becomes more prevalent, most people should start using a password manager of some kind. EMUI 9 and Magic UI 2 make it easy to start managing your passwords with the built-in Password Vault feature.
Password Vault, as its name implies, securely stores your usernames and passwords on your phone. Password Vault uses the built-in Autofill APIs introduced in Android 8.0 Oreo to save new passwords and automatically fill them in on request. You can view the vault’s contents by going to Settings > Security & privacy > Password Vault and then entering the 6-digit PIN that you set up when you first enabled Password Vault. Here, you can also choose which apps to enable autofill for.
I applaud Huawei for adding a simple, built-in password manager, but their service is notably lacking a lot of features commonly found in other password managers. For example, I use the open source KeePass service on Android, Windows, and Chrome to save usernames, passwords, addresses, and more. I sync my KeePass database using Google Drive so it’s available on all my devices. I secure my database using a very long password string, but for convenience, I enable fingerprint access on my phone. On the other hand, EMUI 9’s Password Vault can only fill in usernames and credentials, can’t be synced with other devices, and is limited to a 6 digit pin for protection. It’s very basic and gets the job done for most people, but if you have any desire to effectively manage your passwords I recommend you move on to another service.
It’s hard to offer praise to Huawei for including a pretty basic feature, but considering the fact that stock Android doesn’t have a built-in app lock (meaning you have to install a third-party app that either uses an Accessibility Service or hooks into the UsageStats API to constantly monitor the foreground app) and that the equivalent feature from OnePlus lacks face unlock integration, I do have to give credit to Huawei for their implementation. Located under Security & privacy in Settings, you’ll find “App lock.” You can probably tell by its name, but all App lock does is lock selected apps behind an extra layer of security. Locked apps can be unlocked by entering a 4 digit PIN of your choice, scanning your face with face unlock, or authenticating with your fingerprint. Once unlocked, the app remains accessible until you turn the screen off, after which you have to re-authenticate. App lock’s settings are also locked behind the same second-layer authentication requirements, making it perfect for managing which apps a child can use on your device. If you somehow forget the PIN you set up for App lock, EMUI lets you reset the password after answering the security question you provided while setting it up.
My only complaint with App lock is that the settings to enable face unlock or fingerprint authentication are not accessible from App lock settings. Instead, they’re found within their respective face recognition and fingerprint ID settings under Security & privacy. This harms discoverability of the features, in my view.
PrivateSpace is a feature that sounds completely unnecessary considering Android has supported multiple users for years, but the feature may be useful if you need to set up a second, hidden account that you don’t want anybody to find out for whatever reason. For example, if you have a second user set up in Settings > Users & accounts > Users, then anyone who grabs your phone can see that there’s a second account from the lock screen. If you want to hide the fact that there’s a hidden account, then PrivateSpace is for you. The hidden account is just like any other user on the device—it has access to its own sandboxed files, apps, settings, Google accounts, etc.
You can set up a PrivateSpace by going to Settings > Security & privacy > PrivateSpace. You have to set a unique password, PIN, or pattern for the PrivateSpace, because you log in to PrivateSpace from the same lock screen you log in to your main account. You can even set up a separate fingerprint to access PrivateSpace! There’s not much for me to complain about here; I have no need for the feature, but I recognize that it may have some utility for other people.
If you share your phone with a partner or family member or would like to store some sensitive documents, you can use the “File Safe” feature located in Security & privacy settings or in the Files app under the “Safe” button. This feature lets you add images, videos, audio files, or any other file of your choice into password-protected storage. Since this is considered secure storage, EMUI doesn’t let you open File Safe with face unlock, but it does let you associate your fingerprint for convenience. EMUI asks you to answer two security questions when setting up File Safe so you have a way to access your files if you forget your password. If you choose to associate your Huawei Account with File Safe, you can also restore access remotely if all else fails.
You can set up as many File Safes as you want on both internal or external (SD card on certain models or NM card on the Huawei Mate 20 Pro, Huawei Mate 20 X, Huawei P30, or Huawei P30 Pro). EMUI lets you choose which safe you want to open by presenting a “switch safe” button when entering your password. However, you can’t name File Safes so you’ll have a hard time organizing multiple. If you want to delete a safe, you can do so from the safe’s settings. Before deleting a safe, you have the option to move the files to either the File_Restore folder (default) or a folder of your choosing.
EMUI blocks taking screenshots of safe contents, so I can only show screenshots of creating the safe and the safe settings.
Is it actually secure, though? The answer to this should obviously be yes, but I’ve seen equivalent features from OEMs that both failed to actually encrypt any files and made it easy to bypass the password required to access the safe. Fortunately, I can confirm that EMUI’s File Safe does provide some basic security for your files. I can’t guarantee the safe can’t be cracked because I don’t know exactly what kind of encryption it uses, but you can clearly see that the files are inaccessible to the casual observer. Each safe is stored in a folder called /.File_SafeBox in the root of the internal or external storage. The . preceding the folder name ensures that most file managers, including EMUI’s Files app, won’t show the folder. Furthermore, the folder contains a .nomedia file to hide files in the directory from showing up in scans, which most gallery and file browser apps respect. While third-party file managers like MiXplorer or FX File Explorer can browse this directory if you enable the option to see hidden folders, the files themselves are encrypted so you can’t open them. You won’t even know what the file originally was because the file name has been scrambled too. Lastly, if the user does stumble upon this folder, there are readme files which warn the user not to touch anything in the directory because it can result in the loss of data.
I personally recommend you look into something like Veracrypt to create an encrypted container of your files that you can then store on cloud storage as a backup. Although Veracrypt doesn’t have an Android app, there are Android apps that support Veracrypt containers.
Continue to Page 3 – EMUI Apps