So most of you know what Factory Reset Protection (FRP) is – it’s that new feature introduced in Android Lollipop that requires you to enter the account details of the last Google account used on any device after it has been factory reset. This serves as protection for your phone so that it can’t be used easily after it has been stolen from you. On a Samsung Galaxy S7 (and S7 edge), we’ve just found out that this can be bypassed.

Firstly though, why would you want to bypass FRP? First, you might have stolen the device you’re targeting and this gets in the way of you using it. In this case, may you get what’s coming to you. But there are legit reasons for bypassing it – like buying a phone off someone and they forgot to remove FRP before handing it over to you. In that case, see the video below done by XDA member “RootJunky.

Most of this will have you jump from one settings menu to another, so be patient and follow the instructions to the hilt. The bypass is really “fooling” Android into giving you access to its menus. The gateway really is – as it has been with other FRP defeating processes – is the “Google Terms and Conditions” window that pops up when you sign in.

We do hope that Samsung patches this vulnerability so this method can’t be used. As everything in the internet can be used for good things and bad, we know this video can be used for malicious reasons as well. So Samsung, get in the game and patch this quick.