lock screens – How to recover data when everything is locked (FRP, OEM)

Data recovery and screen lock bypass are two different things. Both should be impossible for security reasons.

Android provides an official unlock solution via a Google account (not anymore). A bonded Google account is a requirement for using the Google Play app store, which most likely every customer will have.
Edit: Unfortunately, Google discontinued the Find My Device unlock feature.

A Google account itself has several forgotten password options. It’s up to the customer to get it to work, not you.

You have already mentioned some workarounds which might have worked on some (older) devices. Let me explain a little more.

  • Data recovery from factory reset is not possible because of encryption.
  • Data recovery from FRP lock is not possible because of factory reset.
  • Data recovery via unlocking is not possible because the bootloader unlock triggers factory reset.
  • Resetting the screen lock is not possible because login credentials are partially involved in calculating encryption keys. Deleting locksettings.db will destroy encryption.
  • Off-chip recovery is not possible because encryption is hardware bound.

However, some cracking is possible for some devices under certain conditions.

Data partition can be decrypted when:

  • device uses FDE (full-disk encryption)
  • full-disk encryption uses default_password
  • decryption is performed on this unique source device itself

Screen lock can be deleted when:

  • data partition is decrypted
  • encryption doesn’t rely on login credentials

Dumping partitions on a locked bootloader is possible via:

  • Qualcomm EDL mode when an OEM-signed factory loader is leaked
  • Mediatek SP Flash Tool with proper Secure boot Download Agent and authentication files

Flashing on locked bootloader is possible when:

  • boot/recovery image is AVBv1 signed
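
For fleet owners who want to know which of their devices fall into the weaker categories listed above, the following is an added example (not part of the original answer) that classifies a device from a saved `adb shell getprop` dump. It assumes the standard Android properties `ro.crypto.state`, `ro.crypto.type`, `ro.boot.flash.locked` and `ro.boot.vbmeta.device_state`; the two sample dumps are constructed, and the check cannot tell whether an FDE device still uses default_password.

```shell
#!/bin/sh
# Added example: audit a getprop dump for the conditions named in the answer.

# Extract one property value from dump text made of "[key]: [value]" lines.
prop() {
    printf '%s\n' "$2" | awk -v k="[$1]:" \
        '$1 == k { v = $2; sub(/^\[/, "", v); sub(/\]$/, "", v); print v; exit }'
}

# Print a one-line posture summary; review=yes marks devices to replace or re-check.
audit_device() {
    dump=$1
    cstate=$(prop ro.crypto.state "$dump")
    ctype=$(prop ro.crypto.type "$dump")
    locked=$(prop ro.boot.flash.locked "$dump")       # some OEMs omit this property
    vbmeta=$(prop ro.boot.vbmeta.device_state "$dump") # set by AVB 2.0 bootloaders

    case "$cstate/$ctype" in
        encrypted/file)  enc=FBE ;;   # file-based, keys bound to credentials
        encrypted/block) enc=FDE ;;   # full-disk, the weaker case in the answer
        unencrypted/*)   enc=NONE ;;
        *)               enc=UNKNOWN ;;
    esac
    case "$locked" in
        1) bl=locked ;;
        0) bl=unlocked ;;
        *) bl=unknown ;;
    esac
    # Heuristic (assumption): no vbmeta property means older verified boot or none.
    if [ -n "$vbmeta" ]; then vb=avb2; else vb=no-vbmeta; fi

    review=no
    [ "$enc" = FBE ] && [ "$bl" = locked ] && [ "$vb" = avb2 ] || review=yes
    echo "encryption=$enc bootloader=$bl verified_boot=$vb review=$review"
}

# Constructed sample dumps (not taken from real devices).
SAMPLE_OLD='[ro.crypto.state]: [encrypted]
[ro.crypto.type]: [block]
[ro.boot.flash.locked]: [1]'
SAMPLE_NEW='[ro.crypto.state]: [encrypted]
[ro.crypto.type]: [file]
[ro.boot.flash.locked]: [1]
[ro.boot.vbmeta.device_state]: [locked]'

audit_device "$SAMPLE_OLD"
audit_device "$SAMPLE_NEW"
```

On a real device, pass the output of `adb shell getprop` as the argument in place of the sample text.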