Skip to main content

How to Secure an Android Phone

Eric loves the Android operating system. He has many things to share with others on subjects he has learned from years of experience.

Keep Your Phone Secure

The Android operation system (OS) is very popular these days, and many people have Android phones.

There are multiple things you can do to keep your Android device secure, and in this article, I explain what they are.

Secure Your Phone With a Lock Screen

Use a Lock Screen

Secure your lock screen with a password, pattern, or a pin. Passwords are the most secure but harder to remember, and I use a pin myself.

Use Hardware Security

If your device has the right hardware, you can use it to unlock your phone a well.

For example, my current phone, the LG V20, has a fingerprint reader, and I use it all the time. Some newer phones can unlock the screen using your face.

Other Things to Lock

Lock Important Applications

Secure applications with a pin or fingerprint as well, as doing this adds an extra layer of security and privacy.

Password Protect Purchases

I also recommend making purchases that need a password or fingerprint to confirm them.

Even if you do not share your device, I recommend doing this, as this will help prevent accidental purchases.

Use Encryption

Encrypt Your Phone

Encrypting your phone is another way to secure it from threats.

Doing this will make sure the data is very secure as without your password nobody will be able to access your phone.

Encrypt Your SD Card

You can also encrypt an SD card, and if you do this, you must use the SD card inside your phone to transfer files with a USB cable.

New Phones Are Encrypted Already

Some newer phones come already encrypted, and my current Android smartphone was.

Be Careful When Connecting Your Phone to a Computer

When using a USB cable to connect a phone to a computer make sure you select the right option.

Only use transfer files when you need to do so. Otherwise, use the phone charging option.

These options let you select how a computer will interact with your Android device over USB connection.

These options let you select how a computer will interact with your Android device over USB connection.

Scroll to Continue

Keep Your Phone up to Date

Download All Updates

Whenever your phone gets updates, download these as soon as possible, as most security updates fix exploits.

You can avoid many issues Android has by updating your device, and I recommend downloading security updates as soon as possible.

When Not to Update

Only refuse to update to a new version of Android if you know some applications you use daily does not work yet.

Also, know if you test betas or developer previews of Android there may be bugs and I do not recommend doing this.

Use Google Play

Be Careful About What Apps You Download

The first line of Android defense is to be careful what applications you use on your phone. I recommend downloading applications from Google Play.

Google Play Is Safe

Google Play does a great job at filtering out bad applications, and hopefully, you will never see any.

Google Play Is Not Perfect

There Is Malware on Google Play

Google Play is not perfect though, and sometimes there are cases of malware in the store.

Google Play Malware Examples

Be Careful of Using Unknown Apps

In most cases, these bad applications all have something in common. Unknown developers make these applications, and they normally are very basic.

Applications like file cleaners, flashlights, and music players are some examples. You will have to dig deep into Google Play most of the time to find these applications.

Use Applications from Well Known Developers

My recommendation is to download applications from well-known developers. Anything on the top charts and applications most people recommend will be safe.

I am not saying all small, and new developers are untrustworthy, but remember to be careful.

Is It Safe to Install Apps from APKs?

What Are APKs?

Android application packages (APK) store Android software and these files install new applications.

To install applications from APKs, you will need to enable an option to install from external files in Android Nougat and lower.

In future Android versions, you only have to enable sideloading from specific apps.

Be Careful When Using APKs

You need to be careful when installing files using APKs and you need to make sure what you are installing is safe.

This is the option you need to enable to install applications from APKs.

This is the option you need to enable to install applications from APKs.

There Are Safe Ways to Get APKs

Not All APKs Are Bad

There are safe places to download APKs, and a website like APK Mirror are safe.

APKs Let You Download Apps You Can't Get Normally

In some cases, Google Play blocks people from downloading certain applications. The application may still run on a phone, so people download and install the application anyways.

You sideload applications when you download and install them this way.

Some Developers Distribute Outside Google Play

Some developers sell and distribute applications on their own websites. Google does sometimes block useful software from being on Google Play for various reasons.

Other App Stores

A great example of an application store other than Google Play is F-Droid.

F-Droid is an open source software store, and open source software is very trustworthy because people can verify that an application is safe to use.

What About Pirating Games and Applications?

People Pirate Apps Often on Android

Piracy on Android is high, and there are many ways to download and install paid applications for free.

You Should Support Developers

Supporting developers is in everybody's best interests. I am not going to argue over the morality of piracy as people will do what they feel is best.

Pirate Apps May Give You Malware

I want people to know the risks and to be careful. I won't lie and tell you that all pirated software is bad and will give you malware as this is not true.

Yet there is no 100% way of knowing what pirates have changed in the free version of applications they offer, and there is a chance of getting malware.

Unless you have 100% faith in pirates, you will always be at risk when downloading free android applications this way.

I Do Not Recommend Using Pirate Apps

I know there are applications out there that run well and do what they promise, but due to even the slightest chance of malware, I can't recommend using these applications.

This article by Android Central goes over these issues in more detail, and I recommend reading it.

Why You Should Keep Your Google Account Secure

Your Google Account Is the Most Important Account

On Android, your Google account is the most important one to secure.

Your Google account holds all your data and any applications, books, and movies you buy from Google Play.

When you first turn on an Android phone one of the first things you do is create a Google Account or use an old one to sign in.

Use a Strong Password

Make sure you use a strong password. Make a password with at least six characters and use special characters and numbers. Using a weak password is dangerous.

Use a Password Manager

I recommend storing your passwords with a password manager. I am currently using Bitwarden because it is open source and free, but there are other decent options.

Secure your password manager with two-factor authentication to be extra safe.

This is the my account screen for my Google account.

This is the my account screen for my Google account.

Other Options to Keep Your Google Account Secure

Have a Back Email Address

Make sure you have a backup email address to use and give Google your phone number.

You use these methods to verify yourself when you are having issues with logging into your account.

Use the Google Security Checkup

Occasionally, run the Google account security checkup tool as well.

Use a Mobile Authenticator

I recommend using a mobile authenticator, and the Google Mobile Authenticator is a nice choice.

Why Use Two-Factor Authentication?

With two factor authentication, it is a lot harder for an intruder to get access to your account.

Intruders will need to be able to generate the codes tied to your device to log into your account.

Using two-factor authentication is one easy action everybody can take to make their accounts much more secure.

The Google Authenticator Application.

The Google Authenticator Application.

Do You Need an Antivirus Software on Android?

If an antivirus does not have a huge impact on performance, there is nothing wrong with having one.

This guide from Tom's Hardware is a good read and goes over options to choose from.

Do You Need to Use a VPN on Android?

What Is a VPN?

A virtual private network (VPN) is an optional way to secure your phone when you are using an unknown Wi-Fi connection.

Some people also use VPNs because of geographic restrictions and in some cases restrictions their countries government sets on internet usage.

Use Safer Wi-Fi

Do I recommend using a VPN? If you want to be safe when using unknown internet connections, a VPN is a way to be safer.

Is Rooting an Android Phone Safe?

Why Use Root?

Some people use Root because they want full control of their phone and there are some applications that require it.

Using Root Could Be More Dangerous

Rooting an Android phone is the equivalent of using a Linux operating system as the superuser.

You will be much more open to malware and external threats, and you will need to really know what you are doing to stay safe.

Failing SafetyNet

Also because of SafetyNet, some games and applications will refuse to run on phones that detected as being rooted. Pokemon GO and Google Pay are a few examples.

About Magisk

Magisk is a more modern way to root phones. Using Magisk fixes a lot of the previous issues Root users had.

With Magisk installed correctly, you will not have SaftyNet issues, and everything runs great. If you do Root your phone, I would use Magisk.

Is Using a Custom ROM Safe?

Custom ROMs Are Safe

Custom are ROMs are safe, and in fact, some have even more privacy and security features than standard Android. LineageOS is an example of a very popular custom ROM.

Use Custom ROMs to Keep Old Phones up to Date

Custom ROMs are ways to keep older phones up to date and to also get certain features and settings not found on normal Android OS.

Do Some Research

Make sure to do some research about custom ROMs before trying anything. You need to be sure your device supports custom ROMs and make sure there is a way to install them.

Be sure you 100% understand what you need to do as there is even a higher chance of bricking your phone, and I would not recommend using custom ROMs to the average user.

Google Apps May Be Missing

In some cases, you will need to install Gapps (The Google Play store and other related applications) separately.

Missing Features on Custom ROMs

Your phone may also have missing features or weird issues depending on the custom ROM you are using and who maintains the versions.

Recap of How to Avoid Malware on Android

  • Download applications from Google Play or 100% verified safe sources.
  • Do not install applications from APK files unless the application is 100% verified safe.
  • Avoid downloading pirated applications and applications from unsafe and unverified sources.
  • Use a password manager and two-factor authentication to protect your online accounts.

This article is accurate and true to the best of the author’s knowledge. Content is for informational or entertainment purposes only and does not substitute for personal counsel or professional advice in business, financial, legal, or technical matters.

Questions & Answers

Question: What should I do if I get strange security notifications from Google?

Answer: If you are getting unknown security confirmations on Google, then your account is most likely compromised. I would go to the Google Account security page and change your password as soon as possible.

I would also check and see what devices you are logged into. Sign out of any devices you don't recognize.

© 2018 Eric Farmer

Feel Free to Post Any Questions or Comments You Have

Eric Farmer (author) from Rockford Illinois on March 27, 2018:

@Mary Diderich I am happy I could help. This is why I love to write about technology. I want to teach other people how to do things and help them.

Mary Diderich on March 27, 2018:

So much information that I was totally unaware of. For instance, I now have two-factor authentication on my Android and prior to reading this article had no idea what it was or even that it was available. Thank you for sharing all of this valuable information.

Related Articles