Is my old data encrypted after FRP was passed?

[John Halo]

One of my friends had his phone robbed. Since he's unemployed and I wanted a new phone, I decided to give my phone to him and buy a new one.

The problem here is: this friend of mine is really good with tech, and I have bank passwords, important and private conversations, images etc on this phone. My phone was launched with Android 8.0 and updated to Android 9.0. I know (and saw on configurations) that it's encrypted by default. I did factory reset, and then when I was turning it on, it asked my Google Account (FRP). I logged in and it was unlocked, and it was like a new phone.

I understand that since it's encrypted, after performing a factory reset, the data is still there and can be recovered, but it will be encrypted, so it doesn't matter. But I was thinking: when I passed the FRP part with my Google Account, is my old data still encrypted, or when I put my account, it was "decrypted"?

(obs: I have no problems about this friend having access to this account, because it has nothing on it and I never used it).

 

[Dannydet]

You logged in to your Gmail account, so it has all of your information available to whoever now. Encryption is bypassed.

 

[kate]

You logged in to your Gmail account, so it has all of your information available to whoever now. Encryption is bypassed.

Not for encrypted data that was on the phone, when you factory reset the encryption key is deleted making the encrypted data very, very hard to recover. Since OP logged into their Google account after the reset they would have access to all the Google account info of course.

when I passed the FRP part with my Google Account, is my old data still encrypted, or when I put my account, it was "decrypted"?

Passing FRP would not decrypt your data that was on the phone before the reset. That old data is virtually unrecoverable because the encryption key was deleted.

For more security, next time you get rid of a phone to remove your email even after resetting and avoid FRP:
1. Remove any PIN or swipe pattern for the lock screen
2. Go into Settings - Accounts and remove your account (and any others)
3. Then factory reset the device.
After that it shouldn't ask for your email with Factory Reset Protection.

 

[iBowToAndroid]

Sooo much incorrect information being posted here... yikes.

Phone info/data being encrypted only applies to when it's actually on the device. When you do a factory reset (whether you do it the normal way from inside the settings or via the Android recovery mode), the data is wiped entirely, and can no longer be accessed, whether on the device itself or via the Google account that was on the device

 

[svim]

Incorrect information? I think it's important to distinguish there's a difference between 'Factory Reset' with 'Factory Reset Protection' (a.k.a. FRP):
https://www.androidrecovery.com/blog/factory-reset-protection-android.html
Hadron's reply was a reference to FRP (what the OP was asking about) while your posting was centered on a Factory Reset.