You've probably heard the horror stories: the app that stole someone's credit card info, the lost or stolen phone that had hundreds of important photos on it. Our phones have become the hubs of our lives, and you want to know that it's safe. Safe from loss or theft, safe from your personal information being appropriated by unscrupulous companies and hackers.
But seriously, there’s no need to fret. Android isn’t that scary, and there’s plenty you can do before you go out in the wild with your Android phone to keep it secure from shady apps and shady people.
Google’s lead security engineer for Android, Adrian Ludwig, put together this helpful walkthrough of simple things you can do to keep your Android device safe from malware, theft, and everything in between.
Tips for keeping your Android device safe
To keep your device is as safe and secure as possible, be sure to use common sense with your device—don’t leave your phone in public places unattended or give it to people you don’t trust—but also use these suggested Android features. Along the way you’ll see links to Google resources and additional information.
Note: Not all Android devices have settings in the same place, so if you don’t see the exact wording, look for something similar. You can also follow the links to your manufacturer’s support site to learn how to navigate your device’s settings.
4 things you can do immediately
- Set a screen lock
Secure your device by setting a screen lock with a PIN, password, or pattern. Each time you turn on your device or wake up the screen, you’ll be asked to unlock your device. Go to Settings → Security → Screen security → Screen lock.
You can also choose to have your device automatically unlock when you have it with you using using Smart Lock for Android.
- Make sure your data is backed up
Backups make it easier to recover your information and apps if your device is lost, stolen, or damaged. You can learn how to back up data such as your photos, wifi passwords, and music here, or find an app to back up those things here.
- Encrypt your device
Encryption helps keep your data safe if you lose your device. Nexus 6 and Nexus 9 devices are encrypted by default. If your Android device is running Jelly Bean (Android 4.1) or higher, you can encrypt the data on your device in Settings → Security → Encryption, or follow along with Greenbot’s how-to.
- Turn on 2-factor authentication for your Google account
This protects your account with both a password and a code from your phone. This extra layer of protection on top of your password protects you in case someone has your password. If you need some help setting it up, Greenbot’s got a how-to readily available.
Staying secure when installing apps & browsing the web
Think before you click banners or pop-up notifications
Although most ads are safe, you can potentially affect your device by tapping banners or pop-ups. Beware anything that claims that your phone is infected or asks for your password or personal information. You could accidentally download unwanted or potentially harmful applications or give someone you don’t trust access to your account.
Only download apps from trusted sources
- Some apps can affect your device’s security, so only download them from places you trust. We work to make sure that all apps available on Google Play pass stringent policy checks, including checks for potentially harmful behavior.
- Be aware of risks if you download apps from unknown sources
- If you want to download an app from a different source, the Unknown sources feature on your device allows you to install apps from outside of the Google Play Store. This feature is disabled by default.
- Before you install an app from an unknown source, first consider:
Is the app is coming from a trusted source? What made you sure it’s from a trusted brand? Does it offer a service that could include hidden fees? Is it asking for sensitive information or device permissions you wouldn’t give to a stranger?
If you’re unsure about any of these questions, we recommend that you don’t install the app. If you do install the app, we recommend disabling Unknown sources again after you’re done.
If you have Google Play installed, you’re automatically protected from potentially harmful apps with the Verify Apps feature. It’s turned on by default and warns you before you install an application we believe is potentially harmful. It’ll also check your device about once a week for potentially harmful apps. If you see a warning from Verify Apps, we recommend not installing the app.
Be prepared if you lose your device
As with any device, you should hope for the best and prepare for the worst. Android’s built-in Device Protection features are essential to use, and they only take a few minutes to set up. Additionally, here are a few more tips for protecting your Android phone or tablet.
Make sure Android Device Manager is on: Be prepared if you ever lose your phone by confirming Android Device Manager is set up on your device. (Greenbot has a helpful how-to on how to do just this!) Make sure to sign in with your Google Account and turn on “Remotely locate this device” and “Allow remote lock and erase”. Try out the “find my phone” feature so you know how it works in case you need it in the future.
Add your contact info to your lock screen: You can also put your contact information (like an email address or phone number you don’t mind sharing) on the lock screen so you can get a missing device back if someone finds it and wants to contact you. Set this up in Settings → Security → Owner info, or follow along with Greenbot’s how-to.
Know how to do a factory reset: If you choose to sell your device, do a factory reset first to make sure it doesn’t have any sensitive information on it. As additional protection, you can also encrypt your device before doing a factory reset.
If things should go wrong
Even the best laid plans can go awry. Here are some steps to take if you encounter an issue:
If you lose your device: Use Android Device Manager to remotely locate, ring, lock, or erase the information from your lost device.
If your Gmail Account is compromised: If you think your Gmail account has been compromised, follow these instructions to recover your account or check your account’s security.
If you suspect that an app is malicious: Try the following.
- Use these instructions to uninstall the app.
- Make sure that the Verify Apps system is still turned on (it’s on by default). Verify Apps will warn you before installation if an application is known to be potentially harmful, and it periodically scans your device for harmful apps, so you won’t find yourself in this situation again.
- If it won’t uninstall through normal means, then use safe mode to try to remove it. To access safe mode:
- With your device’s screen on, press and hold the Power button.
- When you see “Power off” on the screen, let go of the power button.
- Touch and hold Power off.
- When you see the “Reboot to safe mode” box, touch OK.
- In safe mode, use your device normally. If any of the issues you were experiencing has stopped, restart your device to exit safe mode. Then uninstall your recently downloaded apps one by one to pinpoint the problem app. Safe mode works on most Android devices including Huawei, LG, HTC, Sony, Motorola, and Nexus. For help with other devices, please see our Manufacturer support page.