The situation when you are trying to run an important messenger or banking application, and the system requires you to enter a forgotten digital code or pattern lock, familiar to many owners of smartphones Xiaomi, Redmi and POCO. Built-in function "Application Protection" in the shells of MIUI and HyperOS creates a reliable barrier, but often becomes an obstacle for the owner after updating the system or a long break in the use of the gadget. Access recovery depends on whether you have time to link the account for reset, and which version of the operating system is installed on the device.
Unlike unlocking the screen, where options are limited, protecting individual programs has its own nuances associated with synchronizing cloud data Mi Cloud. If standard password entry does not work, panic early: there are several proven algorithms of actions that will help to regain control of personal data without losing information. However, it is worthwhile to immediately warn that in some cases a complete reset is the only way out, so it is important to understand the risks of each method.
Further instructions describe the sequence of actions from the simplest methods through the account to radical measures. Data security in Xiaomi smartphones is built so that it is almost impossible to bypass encryption without a trace, so all methods are focused on legitimate resetting of forgotten authorization parameters. Carefully study each step, as the menu interface may vary slightly depending on the regional firmware.
Using a Mi Account to Reset a Password
The most civilized and secure way to reclaim hidden apps is to use a Mi-linked account. The MIUI application protection system often offers to link the account to the user in case of forgetfulness. If you agree to sync when you set the password, the recovery procedure will take only a few minutes and will not require deletion of data.
To start, you need to go to the Security Settings menu. Open the Security app (green zipper icon), which is the system permissions control center. In the tool list, find Application Protection and click on it. The system will ask you to enter your current password or pattern lock that you forgot. On this screen, take a close look at the bottom of the display: should there be a link Forgot your password? or Reset your password.
Once you click on the link, the system will redirect you to the Xiaomi login page, you will need to enter the username and password from your Mi Account. This is a critical point: if you do not remember the data from the account, you will not be able to restore access to application protection in this way, and after successful authorization, the system will suggest coming up with a new access code or fingerprint to unlock hidden programs.
⚠️ Note: If the Mi Account password field doesn't appear or the system says that the account is not tied, this method won't work for you.
It is worth noting that new versions of HyperOS have made the security mechanism more stringent: Two-factor authentication may require confirmation of login via SMS to the associated number or through the Mi Authenticator app. Make sure that the SIM card registered in the account is on the phone or has access to the network, otherwise the confirmation code will not come.
If the login is successful, the old password will be completely deleted from the security memory, the new code will need to be entered twice to confirm, after which all previously blocked applications (WhatsApp, Telegram, Gallery) will be available immediately, without having to reinstall them.
Resetting through Google account
In some scenarios, especially global firmware versions, the system may offer an alternative method of verification through a Google account, which occurs if the phone is synchronized with the search giant’s services and the user has previously confirmed their rights through this channel, the mechanism of operation is similar to recovery through a Mi Account, but uses the Android infrastructure.
To try this option, perform a few erroneous application protection password inputs. After 5-10 failed attempts, the system blocks the input for 30 seconds and can show the Forgot Password button?. When you click on it, select the recovery method via Google. You will be prompted to enter the Gmail email address, which is the main one on this device.
It’s important to understand that this method doesn’t work on all models, and owners of devices purchased in China with a global flashing experience often don’t have this capability because of the lack of Google Play certified security services, and in such cases, the phone will insist on a Mi Account.
Google’s data entry process takes place in a secure window. Once credentials are checked, the system will allow you to set a new unlock pattern. Please note that after changing your password through Google, it can take some time to sync old security settings, so don’t be afraid if some apps stay blocked for a couple of minutes.
💡
If you have recently changed your Google account password, wait until Google Play services are fully synced before you try to restore access to app protection.
Cleaning the data of the “Security” application
When accounts are unlinked or lost, a more radical but often effective method is to clean up the system component’s security data, which works by resetting the security module itself, which results in the deletion of the saved password, but has serious consequences that you need to know about in advance.
The method is to force the component to stop working and erase its local database. Go to Settings → Applications → All applications. You need to find the system application Security (or Security) in the list. Click on it, then select Memory or Storage.
On the screen that opens, you'll see the Clean or Reset button, and by pressing it, you'll delete all antivirus settings, garbage cleanup, and most importantly, the application protection password, and after that, when you try to open any previously blocked application, you won't ask for a password, and access will open automatically.
☑️ Checklist before data clearing
⚠️ Warning: Clearing the security application data may result in the removal of stored viruses (quarantine) and blacklist settings. Be prepared for the fact that these settings will have to be reconfigured.
Importantly, on some newer versions of MIUI 14 and HyperOS, the cleanup button may be inactive (shadowed) if Find Device is enabled, in which case the system requires pre-disabled account protection, which again brings us back to the need to enter a password, a vicious circle that is designed to protect user data from attackers who have physical access to the phone.
If the clean button is active, use this method safely. It is a regular feature of the Android operating system, designed to eliminate software failures. After resetting, it is recommended to immediately set a new, more memorable password to avoid leaving data vulnerable.
Use of a fingerprint or face ID
Xiaomi’s modern smartphones have advanced biometric sensors. Often users forget the digital code, but forget that they previously tied a fingerprint or Face ID to unlock secure applications. Biometrics is an alternative key that can save the situation without complex manipulation.
Try running a locked application. When the password window comes up, don't rush into numbers. Look at the screen: there might be a fingerprint icon or a face icon, put your finger on the scanner (even if the screen is off, some models do), or look at the front camera. If the biometrics are set up correctly, the app will open instantly.
Once you've successfully logged in through biometrics, you need to change your master password immediately, because you never remember the old one. Go to Settings → Application Protection → Settings (cogs). There you can select the option to Change your password. The system can ask you to confirm the action with the biometrics that you just used.
| Method | Conditions required | Risk of data loss | Difficulty |
|---|---|---|---|
| Mi Account. | Linked account, Internet | No. | Low. |
| Clearing the data | Access to the settings menu | Medium (settings) | Medium |
| Biometry | Pre-tuned finger/face | No. | Low. |
| Phone reset | Lack of important data or backup | Tall (full) | Tall. |
Keep in mind that biometrics are stored in a secure CPU circuit (TEE), which makes them more reliable than a simple password, but if you reset your phone to factory settings, the biometrics will also fly off, and this method will stop working until you reset it.
Reset to factory settings (Hard Reset)
When all of the above methods are exhausted and critical data is needed, the last option is Hard Reset, which is a complete return of the smartphone to the state of “out of the box”, which is guaranteed to remove the application protection password, as it erases the entire section with user data, including security settings.
Before starting the procedure, make sure you have a backup of contacts, photos and documents. Reset will delete everything: apps, music, messaging (if there is no cloud backup) and system settings. You can log in to the recovery menu with a combination of buttons when the phone is off.
Press both the Volume+ and Power buttons. Hold them until the Mi logo or Recovery menu appears. On the volume button-controlled menu, select Wipe Data, then Wipe All Data, and confirm the action. The phone will reboot and begin the long cleaning process.
What is FRP Lock?
⚠️ Warning: If the phone has "Find the device" enabled, you'll need to enter the password from your Google account or Mi Account that was on the device before, and you won't be able to start the phone without it.
Once the reset is complete, the phone will turn on as new, you will need to go through the initial setup, connect to Wi-Fi and log in to your account, and the password on the apps will no longer be there, as the application protection configuration itself has been removed along with the rest of the data.
Preventing and creating strong passwords
To prevent a forgotten password from happening again, it is important to approach security correctly. Password protection must be reliable, but it must be memorable. Don't use simple combinations like 1234 or 0000, because they are easy to match, but don't put too complex codes that can't be played without writing.
It is recommended to use password managers built into the Google ecosystem or third-party solutions like Bitwarden or KeePass. By writing complex code into a secure storage, you can copy it at any time if you forget.
Remember to check periodically if your account is linked for recovery. Go to the security settings and make sure that the phone number and email are up to date. If you have changed your SIM card, be sure to update your Xiaomi account, otherwise SMS recovery will become impossible.
💡
The best protection is not a complicated password that you forget, but having an up-to-date backup of data that can be restored in the event of a reset.
In conclusion, Xiaomi’s security system is flexible enough to allow access to be restored in most cases, the main thing is not to take rash actions and consistently try methods from the least-destructive (Mi Account) to the most radical (reset).