Have you forgotten the Wi-Fi password you used to connect to Xiaomi a year ago? Or do you want to know where your smartphone stores data from your Google account, banking apps, and social networks? In the MIUI operating system, passwords are stored in several protected sections β and not all of them are accessible to users without root rights.
Where exactly Xiaomi saves passwords from networks, applications and services
How to safely remove them (if possible)
Why some data canβt be read without special tools, even on your device
How to protect saved passwords from leakage.
Important: password access methods vary depending on the version of MIUI (12, 13 or 14) and the Android version (10-14) installed.
1. Wi-Fi passwords: where are stored and how to view
The most common request for users is how to find out the password saved from the Wi-Fi network. On Xiaomi, this information is stored in the system file /data/misc/wifi/WifiConfigStore.xml, but you can not read it without root rights.
- π± Through settings MIUI (work MIUI 12-14: Go to Settings β Wi-Fi, tap on the connected network, and select "Share password." PIN-a code or fingerprint, and then it will show QR-Network data code (including password).
- π₯οΈ Through ADB (for advanced users: connect your phone to your PC, turn on Debugging USB and execute the command: adb shell su -c "cat /data/misc/wifi/WifiConfigStore.xml | grep 'preSharedKey' Note: superuser rights are required (root).
- π Network reset: If you forget your network password, itβs easier to reset your router with the Reset button (usually hold 10 seconds) than trying to extract it from your phone.
β οΈ Attention: Xiaomi with Android 10+ and MIUI 13/14 file WifiConfigStore.xml It's encrypted with a key attached to the device, and even with root, you can't just copy it to another device, and the passwords will become unreadable.
2. Passwords from applications and services: the account manager
Applications (such as VKontakte, Tinkoff, or AliExpress) often offer to save a login and password in the Android credentials manager. On Xiaomi, this data is stored in two places:
- Google Smart Lock (if you are logged in to a Google account): Passwords are synced to the cloud and are available at passwords.google.com.
- Local MIUI Storage: Some applications (especially Chinese ones) store data in /data/system/users/0/accounts.db.
To view saved passwords without root:
- Open Settings β Passwords and Security β Password Manager.
- Sign in with your fingerprint or PIN-code.
- Select the service you want (such as Instagram) and click βShow Passwordβ.
β οΈ Note: If you reset your phone to factory settings, locally stored passwords (not from Google Smart Lock) will be permanently deleted. β Google β Managing a Google Account β Security β Password manager β Exports.
Try to restore it via email|Check the password manager MIUI|Look at Google Smart Lock|Reset password through support of the service-->
3. Passwords from Xiaomi accounts, Mi Account and sync
Mi Account is a Xiaomi account that is tied to a phone and stores:
- π Passwords from Mi Cloud (cloud storage).
- π± Data to unlock the boot loader (Mi Unlock).
- π Information for synchronizing notes, contacts and SMS.
Where are these passwords stored:
| Type of data | Storage area | Access without root |
|---|---|---|
| Password from Mi Account | Xiaomi servers (encrypted) | No. |
| Authorization tokens | /data/data/com.xiaomi.account/ | No. |
| Local copies of data | /data/data/com.miui.cloudservice/ | Partially (via Mi Cloud) |
If you forget your Mi Account password, you can restore it:
- Through the official website (needs a linked email or phone).
- Through Settings β Xiaomi Account β Forgot the password.
β οΈ Note: if you delete Mi Account from your phone, it may block access to certain features (such as Mi Fit or Mi Home).On devices with a blocked bootloader, deleting your account will lead to a blink (the phone will not turn on).
4. System passwords: PIN, pattern lock, fingerprints
Passwords for unlocking the screen (PIN, pattern lock, fingerprint) are stored in encrypted form in:
- π /data/system/locksettings.db (for PIN/password).
- π /data/system/users/0/fpdata/ (print-in).
- πΌοΈ /data/system/gesture.key (graphical-key).
These files are protected by hardware encryption (via TrustZone or TEE), so:
- π Without root, they cannot be read or copied.
- π When you drop your phone, it is permanently removed.
- π‘οΈ Even with root, it is almost impossible to extract the original password (only a brute-force attack).
If you forget your PIN or pattern lock:
- Try unlocking through Mi Account (if tied).
- Use the Forgot Password function on the lock screen (requires answers to control questions or SMS-code).
- In extreme cases, a hard reset (but it will delete all the data!).
π‘
If you often forget passwords, turn on MIUIβs Smart Unlock feature (Settings β Lock Screen β Additional) that automatically unlocks your phone on trusted Wi-Fi networks or when you connect to trusted devices (such as smartwatches).
5. Passwords from banking applications and payment systems
Applications of banks (Sberbank Online, Tinkoff, Alpha-Click) and payment systems (Google Pay, Mi Pay) store data in different ways:
- π¦ Banking apps: Passwords and tokens are stored in secure storage on Android Keystore, and only the apps themselves can access them.
- π³ Google Pay / Mi Pay: Card data is encrypted and stored on servers Google/Xiaomi. Only tokens remain locally for authorization of payments.
- π SMS with codes: may be temporarily stored in /data/data/com.android.providers.telephony/databases/mmssms.db (but usually automatically removed).
β οΈ Note: if you delete the banking app, it will not delete your bank account, only local data (for example, saved payment templates.
How to protect your financial data on Xiaomi:
- π Use a separate one. PIN for payments (configured in Settings) β Security β Payment settings).
- π« Turn off autofilling passwords for banking applications.
- π Regularly check active sessions in the bankβs personal account.
What to do if your phone is stolen?
6. How to protect saved passwords from leakage
Even if passwords are securely hidden in the system, they can be stolen through phishing, viruses or MIUI vulnerabilities.
- Turn off autocomplete for critical services: Settings β Additional settings β Language and input β Autocomplete β Turn off for banks / social networks.
- Use a password manager (like Bitwarden or KeePassDX) instead of built-in MIUI storage.
- Check your activity regularly with Google Security Checkup and Mi Account Security.
- Don't install it. APK from unknown sources, they may steal data from the /data/data/.
β οΈ Note: Xiaomi with global firmware (e.g. Redmi Note 12 Global) has a lower risk of data leakage than China (e.g. Xiaomi 13 China), which often sends telemetry to Xiaomi servers, including data about connected networks.
π‘
No way to store passwords on Android is completely secure. Always use two-factor authentication (2FA) for critical services, even if the password is stored in your phone.