How to Keep Your Android Phone and Important Accounts Secure
The Android OS is very popular these days, and many people have Android phones. There are multiple things you can do to keep your Android device secure, and in this article, I explain what they are. I also mention some things you might want to reconsider doing as they can cause issues.
Secure Your Phone With a Lock Screen
Secure your lock screen with a password, pattern, or a pin. Passwords are the most secure but harder to remember, and I use a pin myself.
If your device has the right hardware, you can use it to unlock your phone a well. For example, my current phone, the LG V20, has a fingerprint reader, and I use it all the time. Some newer phones can unlock the screen using your face.
Secure applications with a pin or fingerprint as well, as doing this adds an extra layer of security and privacy. I also recommend making purchases that need a password or fingerprint to confirm them. Even if you do not share your device, I recommend doing this, as this will help prevent accidental purchases.
Consider Encrypting Your Phone
Encrypting your phone is another way to secure it from threats. Doing this will make sure the data is very secure as without your password nobody will be able to access your phone. Some newer phones come already encrypted, and my current Android smartphone was. You can also encrypt an SD card, and if you do this, you must use the SD card inside your phone to transfer files with a USB cable.
Be Careful When Connecting Your Phone to a Computer
When using a USB cable to connect a phone to a computer make sure you select the right option.
Keep Your Phone up to Date
Whenever your phone gets updates, download these as soon as possible, as most security updates fix exploits. You can avoid many issues Android has by updating your device, and I recommend downloading security updates as soon as possible. Only refuse to update to a new version of Android if you know some critical applications you use daily does not work yet. Also, know if you test betas or developer previews of Android there may be bugs and I do not recommend doing this.
Use Google Play to Download Most Applications
The first line of Android defense is to be careful what applications you use on your phone. I recommend downloading applications from Google Play. Google Play does a great job at filtering out bad applications, and hopefully, you will never see any. Google Play is not perfect though, and sometimes there are cases of malware in the store. Here are some examples of this.
In most cases, these bad applications all have something in common. Unknown developers make these applications, and they normally are very basic. Applications like file cleaners, flashlights, and music players are some examples. You will have to dig deep into Google Play most of the time to find these applications.
My recommendation is to download applications from well-known developers. Anything on the top charts and applications most people recommend will be safe. I am not saying all small, and new developers are untrustworthy, but remember to be careful.
Is It Safe to Download and Install Files from APKs?
Android application packages (APK) store Android software and these files install new applications. To install applications from APKs, you will need to enable an option to install from external files. You need to be careful when installing files using APKs and you need to make sure what you are installing is safe.
There Are Safe Ways to Get Apk Files
There are safe places to download APKs, and a website like APK Mirror is trustworthy. In some cases, Google Play blocks people from downloading certain applications. The application may still run on a phone, so people download and install the application anyways. You sideload applications when you download and install them this way.
Some developers sell and distribute applications on their own websites. Google does sometimes block useful software from being on Google Play for various reasons.
A great example of an application store other than Google Play is F-Droid. F-Droid is an open source software store, and open source software is very trustworthy because people can verify that an application is safe to use.
What About Pirating Games and Applications?
Piracy on Android is high, and there are many ways to download and install paid applications for free. Supporting developers is in everybody's best interests. I am not going to argue over the morality of piracy as people will do what they feel is best.
I want people to know the risks and to be careful. I won't lie and tell you that all pirated software is bad and will give you malware as this is not true. Yet there is no 100% way of knowing what pirates have changed in the free version of applications they offer, and there is a chance of getting malware. Unless you have 100% faith in pirates, you will always be at risk when downloading free android applications this way.
This advice also applies to applications that promise pirate movies, TV shows, and streams as well. I know there are applications out there that run well and do what they promise, but due to even the slightest chance of malware, I can't recommend using these applications. This article by Android Central goes over these issues in more detail, and I recommend reading it.
Why You Should Keep Your Google Account Secure
On Android, your Google account is the most important one to secure. Your Google account holds all your data and any applications, books, and movies you buy from Google Play. When you first turn on an Android phone one of the first things you do is create a Google Account or use an old one to sign in. Use a Strong Password
Make sure you use a strong password. Make a password with at least six characters and use special characters and numbers. Using a weak password is dangerous, and I recommend storing your passwords with a password manager. I am currently using Bitwarden because it is open source and free, but there are other decent options. Secure your password manager with two-factor authentication to be extra safe.
A Few Things You Can Do to Keep Your Account Secure
Make sure you have a backup email address to use and give Google your phone number. You use these methods to verify yourself when you are having issues with logging into your account. Every once in awhile run the Google account security checkup tool as well.
Use a Mobile Authenticator!
I recommend using a mobile authenticator, and the Google Mobile Authenticator is a nice choice. Some two-factor authentication services send codes by text messages (SMS), and some services send emails.
Why use two-factor authentication? With two factor authentication, it is a lot harder for an intruder to get access to your account. Intruders will need to be able to generate the codes tied to your device to log into your account. Using two-factor authentication is one easy action everybody can take to make their accounts much more secure.
According to this source, less than 10% of Google accounts have two-factor authentication. I find this information to be very alarming because it shows how little the average user cares about securing their account. While this may sound extreme everybody who cares about security recommends two-factor authentication and so do I.
Use the security measures I mentioned here for most of your other online accounts as well. I recommend securing as many accounts with two-factor authentication as possible. This website lets you know what services offer two-factor authentication and the website gives you an option to send messages to the services that don't support two-factor authentication.
Do I Need an Antivirus Software on Android?
I use a free antivirus application because it does not slow down my phone and I like the extra layer of security. I paid a good amount of money for my phone, so I figure I am going to do whatever I can to protect it. As long as an antivirus does not have a huge impact on performance, there is nothing wrong with having one. This guide from Tom's Hardware is a good read and goes over options to choose from. I am currently using the free version of Bitdefender myself.
Do You Need to Use a VPN on Android?
A virtual private network (VPN) is an optional way to secure your phone when you are using an unknown WiFi connection. Some people also use VPNs because of geographic restrictions and in some cases restrictions their countries government sets on internet usage.
Do I recommend using a VPN? If you want to be safe when using unknown internet connections, a VPN is a way to be safer. I use a free account with TunnelBear as I don't need to use a VPN often. There are many VPN offerings, and I recommend doing some research to learn more. There are many VPN offerings, and if you are interested, you should do some research to learn more. Most free VPNs are not worth using and do not recommend using one.
Is Rooting an Android Phone Safe?
Some people use Root because they want full control of their phone and there are some applications that require it. Rooting your phone is inherently dangerous, and this removes the safeguards that are normally in place. Rooting an Android phone is the equivalent of using a Linux operating system as the superuser. You will be much more open to malware and external threats, and you will need to really know what you are doing to stay safe.
Also because of SafetyNet, some games and applications will refuse to run on phones that detected as being rooted. Pokemon GO and Google Pay are a few examples. There are ways to get around this issue, but they are extremely technical and require much tinkering and learning.
If you do wish to Root your phone make sure you are using a current and up to date method and make your phone model can be Rooted, to begin with. Messing up this process could potentially leave your phone in a bricked state. That is to say, your phone will not boot, or function at all.
Chances are if you are using a Rooted phone or have in the past you already know the pros and cons but keep them in mind.
Do You Root Your Android Phone?
Is Using a Custom ROM Safe?
Custom ROMs are ways to keep older phones up to date and to also get certain features and settings not found on normal Android OS. Custom are ROMs are safe, and in fact, some have even more privacy and security features than standard Android. LineageOS is an example of a very popular custom ROM.
You will have some of the same issues as with root though. You need first to be careful to make sure your device supports custom ROMs and make sure there is a way to install them. Be sure you 100% understand what you need to do as there is even a higher chance of bricking your phone, and I would not recommend using custom ROMs to the average user.
In some cases, you will need to install Gapps (The Google Play store and other related applications) separately. Your phone may also have missing features or weird quicks depending on the custom ROM you are using and who maintains the versions. Make sure to do some research about custom ROMs before trying anything. Lastly, keep in mind rooting your phone or installing a custom ROM may void the warranty.
Do You Use a Custom Android ROM?
My Final Advice
Overall remember to use common sense. As long as you attempt to keep your phone secure, you are on the right path. Keep in mind a lot of the extra security and account features are unused by most users.
Recap of How to Avoid Malware on Android
- Download applications from Google Play or 100% verified safe sources.
- Do not install applications from APK files unless the application is 100% verified safe.
- Avoid downloading pirated applications and applications from unsafe and unverified sources.
- Use a password manager and two-factor authentication to protect your online accounts.
- Use an Antivirus application to safeguard your phone if you want to feel extra safe.
Questions & Answers
© 2018 Eric Farmer