Android phone's lockscreen PIN disappeared?

Question

I own a ZTE Axon 7 (model 2017G) that I purchased secondhand from a reputable vendor in Germany ca. 3 years ago. The phone has been working well, and I updated the OS to Android 8.0. manually earlier this year using an official image from ZTE.

A severe case of butterfingers affected me yesterday (and I guess today), and I dropped the phone a couple of times (the phone has never been in use with out this very good TPU case from this company called Spigen). The last of these drops (today) broke the display. No physical damage, but half the screen is "gone"--it looks like the display pictured here in this iFixit thread but with multicolored dots instead of lines.

I wasn't too worried about this (hopefully it's just a loose cable), but then I noticed I was only swiping up to get past the lockscreen. Now here's the thing: I've always used this phone with a 4-digit lockscreen PIN. I can confirm--that as recently as yesterday--my partner and I mentioned the PIN because my phone had died (battery ran too low), and they had to enter the PIN after restarting it; so this isn't my imagination going wild.

As far as I can tell, nothing else has been affected. All the data still seems to be there, and nothing seems to have been "hacked" (I even briefly texted my partner with the broken screen to let them know that the screen is broken).

I went and checked in the settings, and the lockscreen PIN isn't active there either as far as I can tell (so it doesn't seem to be some kind of a glitch). I restarted the phone, and it asked for the PIN as it does normally to authorize the SIM. So it appears the lockscreen PIN has been disabled entirely, but it wasn't me who disabled it.

How is this even possible? Can the phone being dropped at a weird angle disable the lockscreen PIN? (It sounds ridiculous just even typing that.) How can I check for signs of intrusion on the device (with the broken screen)?

Some "events"/facts that may be of relevance(?):

• The one other question I have on this SE is about legitimate Google 2FA codes arriving from random numbers. This hadn't happened in a while, but it happened again on 29.06.2020 (this Monday).
• I always put my phone next to the bed during the night, and I did so last night. The phone was in another room this morning, however. Neither my partner nor I remember moving it. It is plausible that I moved the phone (I have a mild tendency to sleep walk), but I doubt I would have been able to disable the PIN in my sleep.
• The phone's storage is not encrypted.

Answer 1

Sorry to sound cynical, but if your phone moved in the night and you didn't have signs of a break in, and only you and your partner are in the building and know your pin.. if your lockscreen pin mysteriously got disabled, and you are getting unsolicited 2FA calls..

MOST PARANOID SCENARIO your partner probably moved the phone in the night, disabled the lockscreen pin, probably has location tracking and keylogging software installed to the phone. If this is the case, can you think of any reason why your partner might want to snoop on whatever you have on the phone? Have you been particularly aloof, or behaving in a way might make your partner think you were acting suspiciously?

ALTERNATIVE PARANOID SCENARIO your phone has been hacked by script kiddies who are managing to trigger 2FA calls and do sloppy stuff like removing your lockscreen pin. Or perhaps someone has managed to get the login details for your gmail account associated with the phone. You might be able to see a history of where you have been logged in from, when, and on what devices. You can change your password and logout of any unrecognised devices.

NON PARANOID SCENARIO The knock by complete chance somehow changed your lockscreen setting, you moved the phone yourself and forgot, nobody has hacked your phone, and your partner is innocent!

Answer 2

Honestly, the situation seems complicated and I just wanted to leave a comment, but I'll write an answer because a comment would be too long. Here are a couple of possible explanations in my opinion:

• The drop really disabled the lock screen. I don't know how and why, but maybe some software or hardware procedure returned an error because of the broken screen, then the lockscreen failed to activate and remained disabled. Some kind of rare bug related to a partial hardware failure, basically. I have no idea how plausible this could be, however. Also, I doubt there would be practical ways to reproduce the issue (unless you want to buy a thousand phones and repeatedly drop them to the ground to see what happens).
• Insider threat. Your partner is lying, but their intentions might not necessarily have been malicious. For example, they might have disabled the lockscreen because they were afraid of not being able to unlock the phone anymore, in case a part of the screen needed to unlock the phone suddenly stopped working because of the damage. But then they saw you were upset about the lockscreen, and decided to not tell you what they had done. To find out if the "insider threat" scenario is plausible, you would need to start monitoring your phone (positions, accesses, activities, etc.). The fact that you tend to sleepwalk isn't going to help, though.

I would consider other scenarios, like an infected phone or a compromised Google account, less likely in your specific situation.

Answer 3

Firstly dropping the phone wouldn't have done that. Sometimes 2FA codes are sent by such numbers, seen it before. Those WhatsApp accounts will likely be old. People lease a number rather than own it. If somebody changes their number it can be used years later by somebody else. If you have not been downloading anything or clicking odd links, you can't rule out the fact you purchased a used phone could have had pre-installed malware, it doesn't matter than you got it from a reputable retailer. Used phone is a used phone and comes with risks a new phone shouldn't have. There is no definitive answer how the lock screen changed, don't think it is possible.