Why you canβt find Google password in Xiaomi settings
Many Xiaomi users (especially after resetting or buying a used phone) try to find the saved password from a Google account right in the deviceβs menu, but this is fundamentally impossible β and hereβs why.
Modern versions of Android (including MIUI 12-14) donβt store passwords in plain form. Instead, tokenization is used: the system stores only encrypted OAuth tokens that are automatically updated when you connect to Google servers. Even if you get root access, the password is not found in its pure form β it simply does not exist in the phoneβs memory.
However, there are ways to restore access to your account or remove the link if your phone requires an old password after reset, and then we will go through all the working methods, from standard to technical.
Where Xiaomi Stores Google Account Data (and Why It Can't Be Retrieved)
The files associated with the Google account are distributed across several protected MIUI sections.
- π /data/system/users/0/accounts.db β Account database (requires root)
- π /data/data/com.google.android.gms/shared_prefs/ β authorization tokens
- π‘οΈ /data/misc/keystore/ β Encryption keys (only available to the system)
Even if you access these files (for example, through ADB or TWRP), you can't extract the password.
| File/Folder | What does it contain? | Can I get the password out? |
|---|---|---|
| accounts.db | Account names (email) and synchronization tags | β No. |
| com.google.android.gms | Access Tokens (JWT) Linked to a Device | β No (encrypted) |
| keystore | Keys to decrypting tokens | β No (linked to hardware) ID) |
| settings_global.xml | Synchronization settings | β No. |
An important nuance: Starting with Android 10, Google has introduced hardware-based account binding to the Titan M chip (or its Qualcomm counterparts), which means that even when you transfer files to another phone, authorization wonβt work.
β οΈ Note: Attempts to modify files into /data/data/com.google.android.gms/ without root rights, result in a complete loss of access to Google services, the system recognizes the substitution and blocks the account on suspicion of hacking.
How to Restore Your Google Account on Xiaomi (3 Working Ways)
If your phone requests a password after reset (FRP-blocking), use these methods:
1. Standard Recovery via Google
The most reliable way is to use the official procedure:
- On the lock screen, tap "Forgot your password?" (or "No access?" on some models).
- Enter the last email that was used on the phone.
- Google will send a letter with a link to reset your password to a backup address or number.
If the letter doesn't come in:
- π§ Check the spam folder in the mail.
- π Try to send the request again in 10-15 minutes.
- π± Make sure your phone is connected to Wi-Fi or mobile network.
FRP bypass through settings (for MIUI 12β13)
On some models (Redmi Note 10/11, POCO X3/X4), the bypass works:
βοΈ Bypass FRP Xiaomi
If this method does not work, try an alternative way:
1. On the greeting screen, select the language.
2. Connect to Wi-Fi from the keyboard (hold @ on the keyboard β βGoogle Keyboard Settingsβ).
3. Go to Help β Video β YouTube β Settings β Restore Account.β οΈ Attention: After the roundabout FRP All the data on the phone will be erased. This method only works on firmware older than the one on the phone. MIUI 14 (Google has closed the vulnerability on new versions).
3. Reset via Fastboot (for advanced users)
If the phone is locked and password recovery is not possible, a full reset via Fastboot remains:
fastboot erase frp
fastboot erase userdata
fastboot rebootThis command deletes all data, including FRP-to lock it. to execute it:
- π₯οΈ Install the Mi Flash Tool and drivers ADB/Fastboot.
- π Connect your phone in Fastboot mode (press the Power). + Volβ switch off).
- βοΈ Enter commands above in Command Prompt.
π‘
Before resetting via Fastboot, check if the bootloader is unlocked on your Xiaomi. If not, unlock through the official Xiaomi tool, otherwise the phone will turn into a brick.
How to Protect Your Google Account on Xiaomi from Leakage
To avoid future blockage issues, follow these rules:
- π Use a password manager (such as Bitwarden or Google Password Manager) to store backups.
- π± Set up two-factor authentication (2FA) Google-settings.
- π Regularly (every 3 months) update your backup email and phone number in your account.
- π« Never save passwords in Notes or SMS phone-on.
MIUI has a built-in Backup feature (Settings β Xiaomi Account β Backup), but it doesnβt save passwords β just app settings and contacts. Use dedicated services for passwords.
| Protection method | Level of security | Cons |
|---|---|---|
| Password manager | βββββ | It takes getting used to. |
| 2FA (SMS) | ββββ | Vulnerable to SIM-swap attacks |
| Backup email | βββ | Could be hacked. |
| Writing on paper | ββ | Risk of loss/theft |
What to do if your phone is stolen?
Frequent mistakes when working with a Google account on Xiaomi
Many users make critical errors that lead to loss of access or data leakage, and the most common ones are:
- Ignoring backup email/phone β without them, it is almost impossible to restore an account.
- Using one password for Google and Mi Account β if you hack one account, a hacker will have access to everything.
- Disabling synchronization β without it, password backups are not created.
- Buying used phones without resetting β the previous owner can remotely lock the device.
Another common problem is the post-reset conflict of accounts, for example, if you add a new Google account, but the phone keeps requesting the old one.
1. Go to Settings β Accounts β Google.
2 Delete all accounts except the main one.
3. Reboot the phone.β οΈ Note: If you sell or transfer your Xiaomi, be sure to complete a full reset via Settings β The phone. β Resetting settings. Simply deleting an account is not enough - data can remain in the app cache.
Alternative methods of authorization (if the password is lost)
If you canβt restore your password, consider these options:
- π Hardware security keys (e.g. YubiKey) β Google supports and works without a password.
- π± Fingerprint Login (if previously configured in Google Account).
- π₯οΈ Computer-based authorization β sometimes the phone allows you to log in via a browser if your account has already been added to your PC.
For corporate accounts (e.g., through Google Workspace), the domain administrator can help. Contact support with the following:
- IMEI phone (*#06#)
- The last known password (even if it is incorrect)
- Date of last successful entry.
π‘
If you use your phone at work, check with IT-Is it not related to corporate policy? MDM (In this case, resetting the password can block access to work data.