I'm a bit confused why more than one person can't register on the site from the same household in one day. ? My boyfriend recommended the site to me and I wanted to thank people so I created an account. He then tried to create an account later and got: "Sorry, our IP has already been used today to register an account today, please try again later"
And even worse, as I was typing this, when he tried to register from his phone (without wifi) he was blocked because he has Sprint as a carrier and got a message "Sorry your IP address is blocked from registration. The reason is: Sorry, to prevent spam and abuse we do not allow registration from a Sprint wireless IP."
So now I'm really confused. With multiple people in a household, and routers everywhere with the same IP, why can't two people register on the same day???
And the best yet, I got on my phone (without WiFi) and clicked register... I got "Sorry your IP address is blocked from registration. The reason is: Sorry, to prevent spam and abuse we do not allow registration from a Verizon wireless IP." ... only I don't even have Verizon, I have AT&T (which still uses Cingular servers at least here ... I know because of my personal web hosting stats always show me on a Cingular server).
Why block people from registering from their phone??? What about people that only have access to internet on phones, or is just random carriers (and invented this is your carrier) that are blocked.
I am honestly confused by both things.
We have the IP restrictions in place to prevent spammers from signing up with multiple accounts. If this restriction wasn't in place, you have no idea how many spammers we'd have on the forum, posting their cheap iphones and hair dryers
It's also their to stop members creating multiple "scok puppet" accounts. That is, if we ban someone, it prevents them from coming straight back with another account.
Same sort of thing applies with the mobile IPs. If we have a problem with a member, and ban him, and we allowed registration by mobile IP, we would never be able to prevent them from creating new accounts, since they can just disconnect and reconnect to their network and obtain a new IP and register again.
These restrictions are all in pace to help us (moderators/admins) control the "problem" members.
I realise it's a bit of a pain in your case, but one more day won't hurt
Hope that answers your question
I guess it makes sense, it was just really confusing on the surface, and frustrating. Thanks for answering so quickly. Can you say when the "day" rolls over? Just curious, is it our time zone or GMT/UMT or something else?
You should be good to go again for another registration now
This measure is absolutely to prevent spammers and abusers from continuously re-registering accounts and not to stop legitimate users. The Verizon and AT&T IPs may have been incorrectly labeled, but they are indeed Mobile 2G/3G/4G IPs and not wireline (DSL/Cable/Fiber/etc) IPs. We are very careful about blocking any IPs from registration and we don't block a particular set of mobile IPs until abuse has occurred from that set/range.
Thanks for your understanding
Related
I am just ranting! Now I have a TP2 and I have to carry a stupid BB with everywhere too. I am so ticked off at them!
Try sending a polite letter to your IT policy makers explaining how this decreases your productivity on the road (or w/e).
Reasoned logic works much better than ranting every time.
OWA, too?
You should be able to hit it with a browser. Not a graceful solution, but maybe better until you get them to re-enable.
cavenger said:
I am just ranting! Now I have a TP2 and I have to carry a stupid BB with everywhere too. I am so ticked off at them!
Click to expand...
Click to collapse
Strange they disable Exchange Sync and allowing BB connection. Semms to me they have no sense for security and privacy of company information...
If it's for security reason, you can suggest them to enforce a lock screen. That's what my company does. They can add a policy on exchange server and you have to accept it to sync. The phone will then always lock after 20min inactivity and you have to type the unlock password, which is annoying to me but have to live with it.
Why can't you use Blackberry connect?
I am using Exchange server for work email and use LockPicker to get by the constant entering of a security code to un-lock the phone. Not sure I should load 2.2 because the developer has informed me that LockPicker will not work with 2.2. If anybody is running 2.2 and Exchange server, does 2.2 offer an option of the screen time out vs. the exchange lockout????
Im running exchange and have to enter the code if the phone sleeps for more than 15 minutes. The time is adjustable, plus the code entry keyboard is huge not a problem to enter at all, overall its a minor pain but workable. The guys that developed lockpicker have an app out that disables this, it is only in the beta stage now and not released to the general public but should be soon.
if found that any of my end users were attempting to disable/bypass the Exchange security...i would haul their ass to HR faster than they could enter their PIN.
DraginMagik said:
if found that any of my end users were attempting to disable/bypass the Exchange security...i would haul their ass to HR faster than they could enter their PIN.
Click to expand...
Click to collapse
He He, I'm thinking if I were an IT guy i'd do that too. Lucky for me I'm an end user, I'm hoping somebody comes up with a way to just toggle the time to a longer value say options for 30 - 60 minutes. In reality the new code entry screen is a breeze to use, not such a big deal as before. I'm just wondering if the time delayed is specified by the Exchange server or if it is built into the phone app.
ifly4vamerica said:
I'm hoping somebody comes up with a way to just toggle the time to a longer value say options for 30 - 60 minutes.
Click to expand...
Click to collapse
/shudders at the thought.
I haven't played with it yet, but pray there is no way for my end users to set a 60min lockout period. that's just waaaaaay too long. how long do you have before your work desktop auto-locks? 15min? and that is for a device that doesn't move and if anyone else is at it would draw attention.
perhaps you feel that you are not important on the food chain and have nothing important in your email. but as these type devices get more powerful folks keep more data on them... pictures, movies, xls, doc, mp3 etc. plus tons of email (with email addresses, names and numbers), some folks will setup the VPN function and map network folders or setup VNC/RDC connections (server names, ip addresses and domain name).
it's not "JUST" that someone may see who you're going to lunch with or that your racquetball game got rescheduled. its all that other crap that concerns us. stuff that you may or may not have. for things that you probably don't see as being a possible security breach. sorry if this has an overbearing tone, it's one of those things i have to beat into folks head everyday.
"i don't care if they know my password, maybe they'll do my work." /facepalm
no...they won't.
ask your favorite IT nerd how many pwd's he has floating in his head and how many times he has to unlock his computer each day.
/steps down from security soapbox
DraginMagik said:
/shudders at the thought.
I haven't played with it yet, but pray there is no way for my end users to set a 60min lockout period. that's just waaaaaay too long. how long do you have before your work desktop auto-locks? 15min? and that is for a device that doesn't move and if anyone else is at it would draw attention.
perhaps you feel that you are not important on the food chain and have nothing important in your email. but as these type devices get more powerful folks keep more data on them... pictures, movies, xls, doc, mp3 etc. plus tons of email (with email addresses, names and numbers), some folks will setup the VPN function and map network folders or setup VNC/RDC connections (server names, ip addresses and domain name).
it's not "JUST" that someone may see who you're going to lunch with or that your racquetball game got rescheduled. its all that other crap that concerns us. stuff that you may or may not have. for things that you probably don't see as being a possible security breach. sorry if this has an overbearing tone, it's one of those things i have to beat into folks head everyday.
"i don't care if they know my password, maybe they'll do my work." /facepalm
no...they won't.
ask your favorite IT nerd how many pwd's he has floating in his head and how many times he has to unlock his computer each day.
/steps down from security soapbox
Click to expand...
Click to collapse
I here ya!!! can we comprimise at 55 mins???? Ok 30 mins?? ;-P How did you know my R-Ball game was rescheduled????????????
/retires from badgering the IT guy!
LOL ... if only we lived in a perfect world.
Solution here: http://forum.xda-developers.com/showthread.php?t=745065
I'm asking this because after the Sony/SOE hacking (which I am somewhat affected by), it's got me thinking.
There are some online services that I've been trying to remove myself form (since before that happened), and companies make it virtually impossible in some cases to get themselves removed from these services.
The biggest example is Facebook. It's literally impossible to remove yourself from facebook. It gives you no decent way to see a list of Pages you have "Liked" and there is no way to remove all of your posts from the site.
Twitter makes this easy... Foursquare makes this easy. Loopt makes this easy...
But it seems companies that are big into Advertising make it as hard as possible for you to decouple yourself form them.
Slacker and Pandora have no such option to remove yourself from those sites after you create your account (and it's impossible to purge your personal information from them unless yo go through hoops and bounds to do so). Contrarily, Last.FM makes it as easy as a button click and some confirmations.
Yahoo! and Google make it easy to delete accounts, but Windows Live basically leaves the account sitting there for something like 4-6 months before it's deleted...
Provided there are decent confirmations, I think any online services should allow any user who willingly signed up for it to willingly walk away from it, and take their personal data and information with them. It seems like a huge power grab by the industry to lock users into them and own our information...
I've already written my Congressman and Senator following an issue with AOL where it took literally weeks of constant phones calls for them to delete my old accounts that I haven't used in forever. Finally they agreed to "waive" the "we don't delete accounts" rule because I was in the military for years following the account creation and they had it on record since I canceled my AOL service that I was doing so because I was being deployed back then...
What do people think. Do you think it's cool that companies expect to own our information after we sign up for their services and make it extremely difficult if not outright impossible to decouple ourselves from them?
Or do you want to be denied a job (or admissions into a university) because you posted something tasteless or inflamatory on facebook one night? (yes, universitiy admissions are starting to check social networks)?
For the past 3 months or so I've been trying to close down all these unneeded services that I have subscribed to in the past, and have been met with several brick walls.
It's even impossible to delete accounts on forums these days, which is uber laughable as well...
I'm thinking about quitting facebook, but getting all my stuff off of there is looking like an impossible task...
EDIT: Pandora finally got around to deleting my account... But I did send them like 5 emails today before they got around to it at 10:50 PM (first contacted them like 2 months ago).
I agree with you that all services you willingly sign up for should be as easy to leave as they were to join, it makes sense.
I'm on Facebook, several tech forums, I use several cloud based services (mail etc.) and I try not to post too many things that would make me look bad.
Facebook has by far been the most problematic to get off, you can deactivate your account but not really remove it.
/J
that's a funny question. It's not ha ha funny but it's funny to jump through those hoops. As far as information shared, on social networking, I know its vitally important to keep professionalism especially in clinical psychology. Personally, if my posts aren't related to tech or anime, I don't post it on social networking. I call a person, I write an angry email or something, but rarely do I kvetch on a social networking platform. Because it's a bad idea...
I mean I have opened a second fb account and surprisingly my first FB is still open. It doesn't bother me because it is "dead" for all intents and purposes. Honestly I just really don't mind it personally, but again that's just me. I'm not the type to post inflammatory material. I guess its different strokes.
However, I do agree, it should be easy to delete your own account. But I have to correct you on yahoo specifically. You can recover the account if its deleted. It's rather easy and I've done it multiple times. I think after a year (for yahoo specifically) then its gone. But otherwise, nope it's still there.
Yahoo! gave me an instant way to delete my account hte last time I did it. It was instant, with no recovery. I checked immediately afterwards when I did it and there was no way to recover the account. Perhaps that is a new development.
Both Yahoo! and Google allow you instant account deletion (or did, IRT the former). Microsoft keeps the accounts for something like 120 days (used to be 45, then 60, etc.) and AOL seemingly keeps them forever because the account I had to go through the run-around to delete hadn't been used for years (almost a decade), but had a ton of personal information on it that I couldn't change because I didn't remember an old secret answer so I couldn't even log in to get it off there (I used to have AOL internet access).
I went back and deleted almost all of my posts on Facebook. It took over 6 hours because you have to personally track down every comment you've made on the site (including those on walls of people no longer on your friend's list). This is intentionally convoluded compared to Twitter, where all of your tweets and retweets are there in a list and it took like 5 minutes to delete them...
As much as I despise Facebook's practice of making accounts hard to delete I've been wondering for a while if it is a result of a fragile database structure they are using. N8ter 's description of having to manually remove comments all over the place makes me wonder if Facebook's database structure has some sort of vulnerability to having data scattered in so many places removed.
Granted, it's prolly more likely they make it difficult because they can.
What do you mean, "you people"?
Nice one
Suppose I.walked right into that
Sent from my SGH-T959 using XDA App
So... let me get this straight,
You signed on to privately owned websites, handed over private information/made incriminating posts (in any capacity)... and now you're complaining about it?
In boardroom meetings in those companies, people like you are punchlines.
Nothing on the internet is private. Let me repeat that; nothing on the internet is private.
Learn it, know it, love it.
I think your missing the point.
Facebook makes it almost impossible for people to leave after they've used the service a lot. You have to track down every comment and wall post and delete them one by one, among other things before they will delete your account.
Blacker flat out refuses to delete accounts even after several emails. They don't consider email private information... ... ...
Other services just make it impossible. Google voice makes it impossible ti remove the service or your phone number. Aol generally flat out refuses to delete accounts. Windows live wants your info to stay there for six months.
Its not about it not being private, its about me not having a choice in whether or not my personal info sits on their server.
Having a ton of extra accounts increases spam email, among other things...
Hope that cleared up my stance a bit...
Sent from my SGH-T959 using XDA App
N8ter said:
The biggest example is Facebook. It's literally impossible to remove yourself from facebook. It gives you no decent way to see a list of Pages you have "Liked"
Click to expand...
Click to collapse
I thought you could see those pages in "Download Your Information"
http://www.facebook.com/help/?page=18830
N8ter said:
I think your missing the point.
Facebook makes it almost impossible for people to leave after they've used the service a lot. You have to track down every comment and wall post and delete them one by one, among other things before they will delete your account.
Blacker flat out refuses to delete accounts even after several emails. They don't consider email private information... ... ...
Other services just make it impossible. Google voice makes it impossible ti remove the service or your phone number. Aol generally flat out refuses to delete accounts. Windows live wants your info to stay there for six months.
Its not about it not being private, its about me not having a choice in whether or not my personal info sits on their server.
Having a ton of extra accounts increases spam email, among other things...
Hope that cleared up my stance a bit...
Sent from my SGH-T959 using XDA App
Click to expand...
Click to collapse
honestly, I know what you mean. Its very annoying and frustrating. But just take it all as a lesson that these are all private companies. Neither you or I have any right to an expectation of privacy. Its a hard truth to face. My Facebook profile is as dry as a bone. I never post or submit any info I wouldn't be comfortable with the whole world knowing.
Until there is a government-run social networking platform, just understand that.
Tone_ said:
I thought you could see those pages in "Download Your Information"
http://www.facebook.com/help/?page=18830
Click to expand...
Click to collapse
No. That's only to download your pictures, videos, and stuff like that if you want a hard copy or to put it on another social network/profile.
For example, if you want to put all your facebook stuff on your Windows Live Profile, but they don't exist on your computer/smartphone anymore...
Also, that won't remove the ridiculous amount of manual labor involved in tracking down every comment/wall post and deleting them one by one...
All that information is trivially seen by clicking on "Profile" at the Facebook homepage. It shows all your activity. But you should be able to remove it by clicking on the X. Right now, you have to go to every page, track that comment down (sometimes in a sea of 1k+ comments), and manually delete it. Some of those comment feeds are so damn large, that they can crash some users' browsers or slow them to a crawl.
My company uses an Exchange server for email, and it works great....except for one thing:
Due to their arcane policies, I am only able to use a pin lock on my phone. All of the other lock options are disabled, even face unlock. Also, they have the screen set to time out at 1 minute, which sucks when trying to use pretty much any application.
Does anyone know of a way to override these policies since my device is rooted?
Try this:
http://forum.xda-developers.com/showthread.php?p=14577188
Sent from my Galaxy Nexus
You could also get Enhanced Email from the market. Although its pricey, it works great.
That is not arcane at all, those are good security practices. This is why Android still lags behind apple and rim at the enterprise level - too many easy hacks to bypass the security that businesses need. Faceunlock can be cracked by a polaroid and many swipe patterns can be guessed by looking at fingerprints on the screen.
Honestly, with all the personal information that resides on a smart phone I don't understand why everyone doesn't have a strong pin on their phones. Hope your buddies don't swipe your phone at the next party, unlock it with a facebook pic, and play some prank with your work email account.
for me I guess its the stupid 1 minute lockout period. For example, if I am trying to use my phone as a GPS, I only get to see the screen for 1 minute. BOOM...locked out.
Pandora... NOPE. locked out after 1 minute, sure the music still plays, but I have to unlock the stupid phone to change songs and what not.
Scold me all you want virtualcertainty, the minimum 6 character pin, and 1 minute lockout drives me nuts.
Wasn't trying to scold you, just explaining the risks involved and the reasons for the policies. I wouldn't recommend to any of my clients to set policies lower than that. And I know a bunch of people that want an android for work but the IT department won't issue one or even allow people to use their own because of the work arounds.
My work policy is a 4 character pin with 1 minute time out. I exceed that on my device - 5 character pin and 30 second time out. In no time you won't notice it at all.
I don't know if this is a bug, but I have been able to remove the pin lock policy on my exchange account EVERY time
This is what I do
Set up Account
When it tells me that it's going to disable face unlock ,etc , HIT THE BACK key
Voila, you're out of there and it lets you go forward.
Don't know if it's our exchange server but that works for me
BooDaddy said:
for me I guess its the stupid 1 minute lockout period. For example, if I am trying to use my phone as a GPS, I only get to see the screen for 1 minute. BOOM...locked out.
Pandora... NOPE. locked out after 1 minute, sure the music still plays, but I have to unlock the stupid phone to change songs and what not.
Scold me all you want virtualcertainty, the minimum 6 character pin, and 1 minute lockout drives me nuts.
Click to expand...
Click to collapse
Then you should probably talk to your employer about it. This is an extremely basic security practice, and like multiple people have already said the easy "hack" to get around the practices is the exact reason most employers don't allow Android users access to their Exchange servers.
My company doesn't allow any Android phones on their Exchange network, exactly for this reason.
BTW, just for reference, it is possible to implement monitoring tools in an Exchange server to notify the administrators of changes to security features. Most employers wouldn't even talk to an employee that's violating security practices...it's just "Here's your box and there's the door". Complain all you want about them, but they're there for a reason. I wouldn't risk it just to escape having to input a key combination.
BooDaddy said:
My company uses an Exchange server for email, and it works great....except for one thing:
Due to their arcane policies, I am only able to use a pin lock on my phone. All of the other lock options are disabled, even face unlock. Also, they have the screen set to time out at 1 minute, which sucks when trying to use pretty much any application.
Does anyone know of a way to override these policies since my device is rooted?
Click to expand...
Click to collapse
I lol'd.
How dare a company try to protect their IP with a password on your phone...
Samsuck said:
I don't know if this is a bug, but I have been able to remove the pin lock policy on my exchange account EVERY time
This is what I do
Set up Account
When it tells me that it's going to disable face unlock ,etc , HIT THE BACK key
Voila, you're out of there and it lets you go forward.
Don't know if it's our exchange server but that works for me
Click to expand...
Click to collapse
Maybe your admins didn't force device security. My company doesn't even allow pattern locks
martonikaj said:
I lol'd.
How dare a company try to protect their IP with a password on your phone...
Click to expand...
Click to collapse
Im totally aware of a company eanting to protect thier IP. I dont even mind having some sort of lock on my phone. But it would br nice to be able to at least bump the lockout time a bit to make the phone useable. Or at least let me do pattern lock.
Theres no sense in trying to make this a pissing contest on security policies.
soapbox,
I sign up to get company email on my own phone as a convenience to both of us. If their security policy was so strict that it made it difficult to use my phone, that convenience would go away and any after hour emails would have to wait until the morning. Obviously not everyone can get away with that, but luckily I can.
I second trying EE,
I picked up Enhanced Email from the amazon app store when it was the free app of the day and have been happy with it(It can disable exchange policies). I do have the lock feature on my phone enabled however because I also use Google Wallet, so I want a little extra protection.
So, you need my phone an also need two separate passwords to use Google Wallet. Hopefully by that time I will have wiped my phone and/or located it.
once on a custom rom, ive never had a problem with exchange security settings. unless i'm going out for a big night (and might lose my phone) i leave the security off.
versd said:
once on a custom rom, ive never had a problem with exchange security settings. unless i'm going out for a big night (and might lose my phone) i leave the security off.
Click to expand...
Click to collapse
If you are able to turn off the PIN lock while using corporate exchange mail then your exchange server does not have the required security policy.
Unless there's something else you've done which you didn't post.
Samsuck said:
I don't know if this is a bug, but I have been able to remove the pin lock policy on my exchange account EVERY time
This is what I do
Set up Account
When it tells me that it's going to disable face unlock ,etc , HIT THE BACK key
Voila, you're out of there and it lets you go forward.
Don't know if it's our exchange server but that works for me
Click to expand...
Click to collapse
Yep, that'll be the server as I get a security pop up and you can't dismiss it. Once setup all other lock options are off limits.
The annoyance for me was the inability to change the time out period, it made it unusable in certain situations.
Sent from my Galaxy Nexus
BooDaddy... I'm an IT Director for a large, publicly held company. We allow iPhones and Android devices to use our enterprise Exchange email with a 4-digit PIN, 1-minute lock AND the understanding that we can wipe the employee's phone if necessary. Installing software to circumvent this security would violate our security policies and would result in a disciplinary action.
Is this your personal phone or did your company provide it?
105437 said:
BooDaddy... I'm an IT Director for a large, publicly held company. We allow iPhones and Android devices to use our enterprise Exchange email with a 4-digit PIN, 1-minute lock AND the understanding that we can wipe the employee's phone if necessary. Installing software to circumvent this security would violate our security policies and would result in a disciplinary action.
Is this your personal phone or did your company provide it?
Click to expand...
Click to collapse
Not sure how the question is relevant to the thread topic but it is my personal phone.
Look here for solution: http://forum.xda-developers.com/showthread.php?p=19792676
BooDaddy said:
Not sure how the question is relevant to the thread topic but it is my personal phone.
Click to expand...
Click to collapse
Not really relevant, just curious because if the company bought it and pays the monthly costs then you really shouldn't have too much to complain about. So I guess it's your choice to connect to the Exchange server, I would never expect a company to mandate corporate email on an employee's personal phone.
105437 said:
Not really relevant, just curious because if the company bought it and pays the monthly costs then you really shouldn't have too much to complain about. So I guess it's your choice to connect to the Exchange server, I would never expect a company to mandate corporate email on an employee's personal phone.
Click to expand...
Click to collapse
Yeah, had it been their phone and plan, I wouldn't mind it. Their dime, their rules.
While its not mandatory for me to have it, it is very handy since I am a systems admin (Linux) and its nice to get alerted via logwatch emails when something bad happens.
So as the title says, I have a family member who recently passed away over the weekend. The family is trying to access his phone for any pictures and videos of him with everyone. As of right now, we don't have any info about his Google account info. We're afraid to keep trying passwords in case it ends up wiping the data after a certain number of tries. I tried using Dr. Fone but the unlock software doesn't support this phone. Not sure what to do from here but I thought you guys might be able to help. Thanks, guys.
perhaps contact the local police to inquire if they have the capability to unlock the phone? They will probably require that you prove your relationship to the deceased which I don't think anyone on this forum could do. It's not that I don't believe you, but any creeper/theif/etc could say the same thing.
GL and sorry for your loss.
Sorry for your loss. If he had 2 step verification where you can send a text message to his cell phone #, you could do a Sim swap, pop the Sim in a phone that you have access to. Trigger the 2 step verification for forgot password and it might work.
Sent from my Pixel 2 XL using Tapatalk
I'm so sorry for your loss, and Hope you'd recover the content without much of a hassle.
Good Luck!
You can force a factory reset...that will delete apps and texts and any unsaved pics from texts will be deleted....BUT....it will not delete any pics taken by the cam and saved to the phone.
Good luck and sorry for your lost.
Was he logged into Gmail on a computer? Could possibly go to Google Photos and check for backed up photos and videos.
Sent from my Pixel 2 XL using Tapatalk
sorry for your loss, I hope you can recover the photos.
1st: was already mentioned. sim swap
2nd: Try to sign into their google account. If you know their gmail (you should be able to figure this out pretty easily) and know them pretty well you can probably guess their password especially if you can remember an "old" password they've used because people are creatures of habit and reuse the same or variations of the same passwords for years. Or you can do the "forgot password" option
3rd have the legal rep ask google.
Google lets third parties request the content from a deceased user's account, but this must be requested by the deceased person's legal representative. The legal representative must upload a copy of their government-issued ID and a copy of the death certificate. Even then, there's no guarantee the legal representative will gain access.
If this works, the legal representative would be able to access data from the deceased user's Drive, Gmail, Blogger, Google+, Google Photos, YouTube and other services. But again, if the deceased user didn't back up any photos in the first place, getting into the cloud backup won't do any good.
https://support.google.com/accounts/troubleshooter/6357590?hl=en#ts=6357650
4th: okay, this one is a little macabre and you said password but I have 2 methods to get into mine so I figure I'd say it......sigh.............somehow before the funeral 1) find a way to be alone with your relative and see if either of their index fingerprints will work to unlock the phone OR 2) I GUESS you COULD ask the funeral director to unlock their phone using their fingerprints but I'm not sure how agreeable they'd be on that one.. Look, I know it's creepy but if the photos/vids are important then......sigh.....damn it sounds even more eff'd up reading it than it did in my head. Okay, sorry, I'll stop now....
good luck
First of all, I'm sorry for your loss...
I have some inquiries, and then a suggestion...
First, do you know if the former owner had "unlocked" or "rooted" the phone/device? When you turn the device on, is there a warning in the powering up process that "warns" about having an "unlocked bootloader"?
If it is unlocked and/or rooted, there are more/further options that can be done, but only if it is in this "state"...
And as for my suggestion...
You might be aware of how Apple and iPhones/iPads have a sort of "find my iphone" or "find my device" type of connection and protocol on their devices... I've personally used the "Android"/Google version (called Android Device Manager [or ADM for short]) of this to find the last location of my phone and to also ring it. But I have also noticed that they (Google) are constantly evolving it and later added a "lock" option. So, taking it a step further, I checked if there was possibly an "unlock" option; and there is! Again, I personally have never used it and do not know much about it. After some cursory reading, there are certain criteria that has to have been met while the original owner was using the phone; but if, by some amazing circumstance or miracle, things have been set up properly (and you know the deceased google account information/login), there's a good chance you might be able to get the phone unlocked. You can find the information all about this here: https://one.comodo.com/blog/itsm/unlock-your-android-device-using-android-device-manager.php
One additional thought I just thought of while writing this, along the lines of talking to Google and explaining the situation, even if you don't have the google account information/login, you might be able to obtain that information from them if the situation is explained and they have protocols for this type of situation.
Again, I'm sorry for your loss, and I hope this helps. Good luck to you...