You can configure Android to request a PIN every time it wakes up. I use this. Seems to me that if you encrypt the persistent password storage, and forget the plaintext password on wake-up until the PIN has been entered as you suggest, this problem is solved for the security-conscious users who use a PIN. Then if you care about security, use the PIN.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds