First unlock means the user entered the PIN to go through the second level of encryption (after Secure Enclave device-level protections of flash).
Without first PIN, most functions don't work because the writable flash areas storing third party apps and user data are still encrypted.
This is also why you have to enter your PIN on reset rather than a biometric; it is far more established to derive a symmetric key from a password than from biometric data.
Without first PIN, most functions don't work because the writable flash areas storing third party apps and user data are still encrypted.
This is also why you have to enter your PIN on reset rather than a biometric; it is far more established to derive a symmetric key from a password than from biometric data.