diff --git a/app/src/main/java/info/nightscout/androidaps/plugins/general/overview/OverviewFragment.kt b/app/src/main/java/info/nightscout/androidaps/plugins/general/overview/OverviewFragment.kt
index ea0d2103c0..d56d8d9afe 100644
--- a/app/src/main/java/info/nightscout/androidaps/plugins/general/overview/OverviewFragment.kt
+++ b/app/src/main/java/info/nightscout/androidaps/plugins/general/overview/OverviewFragment.kt
@@ -755,6 +755,7 @@ class OverviewFragment : DaggerFragment(), View.OnClickListener, OnLongClickList
 
         // ****** GRAPH *******
         GlobalScope.launch(Dispatchers.Main) {
+            overview_bggraph?: return@launch
             val graphData = GraphData(injector, overview_bggraph, iobCobCalculatorPlugin)
             val secondaryGraphsData: ArrayList<GraphData> = ArrayList()
 
diff --git a/app/src/main/java/info/nightscout/androidaps/utils/protection/BiometricCheck.kt b/app/src/main/java/info/nightscout/androidaps/utils/protection/BiometricCheck.kt
index 2ab79f6b54..c58b5628d1 100644
--- a/app/src/main/java/info/nightscout/androidaps/utils/protection/BiometricCheck.kt
+++ b/app/src/main/java/info/nightscout/androidaps/utils/protection/BiometricCheck.kt
@@ -46,10 +46,9 @@ object BiometricCheck {
                     BiometricConstants.ERROR_HW_UNAVAILABLE,
                     BiometricConstants.ERROR_HW_NOT_PRESENT,
                     BiometricConstants.ERROR_NO_BIOMETRICS        ->
-                        // call ok, because it's not possible to bypass it when biometrics fail
-                        // ok?.run()
-                        // changed to fail as you can use PIN instead with setDeviceCredentialAllowed enabled
-                        fail?.run()
+                        runOnUiThread(Runnable {
+                            passwordCheck.queryPassword(activity, R.string.master_password, R.string.key_master_password, { ok?.run() }, { cancel?.run() }, { fail?.run() })
+                        })
                 }
             }
 
@@ -69,8 +68,8 @@ object BiometricCheck {
         val promptInfo = BiometricPrompt.PromptInfo.Builder()
             .setTitle(activity.getString(title))
             .setDescription(activity.getString(R.string.biometric_title))
-//            .setNegativeButtonText(activity.getString(R.string.cancel)) // not possible with setDeviceCredentialAllowed
-            .setDeviceCredentialAllowed(true)
+            .setNegativeButtonText(activity.getString(R.string.cancel)) // not possible with setDeviceCredentialAllowed
+//            .setDeviceCredentialAllowed(true) // setDeviceCredentialAllowed creates new activity when PIN is requested, activity.fragmentManager crash afterwards
             .build()
 
         biometricPrompt.authenticate(promptInfo)