Skip to content
Cybersecurity > Hardening

25 tips to secure your Android phone (2021)



Let’s introduce this post with two principles:

  • The less you take care of your settings, the more you let Android and apps spy on you.
  • The more apps you have, the more you are exposed to hack and data leakage.

Now we have said that, let’s see what you can (must) do to reduce the attack surface.

We’ll give you here many tips, and recommend great free apps.

Protect from lost / thief

Enable encryption

Activate the encryption, including on the SD card.

Define a strong password

Don’t be satisfied with a 4-digit code, that could be broken in a few minutes. Define password at least 7 characters long.

Enable screen lock settings

Enable the screen lock after a few minutes inactivity.

Limit information displayed on the screen lock

Don’t popup messages on lock screen through the lock screen privacy options.

Control access to sensitive apps

Request a code to access sensitive app, using Norton App Locker (free) for instance.

Disable voice control

Disable ‘Ok Google’ trusted voice.

Back up your data

Prefer app which back up or synchronise data on the cloud, so if you lose your phone, or need to erase it remotely, you’ll still have your data (especially your passwords, and your pictures).

Enable ‘find my mobile’

Enable “Find my mobile” and make sure you can erase your mobile remotely if needed.

Protect from trackers

Disable location services

Unless you are using it, disable location services.

Disable personalised advertising

Don’t serve Google all your personal information on a platter.

Disable telemetry

Don’t share any data with developers.

Review and revoke permissions of apps

When not absolutely needed, don’t authorise apps to access your pictures, your location, etc…

Use progressive Web apps instead of apps

Native apps can just help themselves in your phone, which is not the case when you use a browser to access their content (ex newspapers, twitter…).

Use a VPN to hide your IP address

If you have decided to not use a Firewall (which installs as a VPN), you can use a VPN like ProtonVPN (free) to hide your IP address.

Use a browser respectful of you privacy

Use Firefox Focus (free) which block trackers and javascript, or even a browser that include a VPN like Opera (free).

Use a respectful search engine

Search the web with an engine that doesn’t log all you behaviour. Replace Google Search by DuckDuckGo (free).

Use a secure encrypted mailbox

Use a secure mailbox like ProtonMail or CTemplar (free)

Use secure encrypted messenger

Use a secure encrypted app to chat, like Signal (free)

Protect from hackers

Don’t root your system

Don’t root your system. And only install apps from official stores like Play Store.  Make sure automatic download and install are deactivated in the setup.

Update the OS and the apps

Enable auto updates for your operating system. These updates often include critical patches and protections against security threats. Make sure your apps also auto-update to mitigate vulnerabilities.

Activate Google play protect

The scan of all installed app by Google is not an absolute security measure, but it is better than not having it.

Use an antivirus

Use an antivirus like BitDefender (free) as a secondary check of your apps. It is not 100% secure, but it is better than not having it. BitDefender is efficient, light and contains no ad.

Use a firewall (optional)

The Netguard Firewall install itself as a VPN and check all data sent and received by each of your apps. Be aware you can only have one VPN slot active at a time.

Use a password manager

Disable Smart Lock for Passwords and Auto Sign-in. And use a vault like Bitwarden (free) to generate and remember complex and different password for each account you have. It will also synchronise you passwords on all you devices.

Activate TOTP everywhere

Activate two factor authentication (2FA) through TOTP, and use an authenticator app like Authy (free).



Leave a Reply

Your email address will not be published. Required fields are marked *

Exit mobile version