How to encrypt your iPhone, Android phone, or Windows Phone
Posted on February 13, 2019 By Dennis
The smartphones we carry around with us these days have come a long way away from the cellphones of years past. These devices are no longer “mobile phones” but rather mini-computers that hold a vast amount of personal information, including contacts, photos, videos, and documents. What’s more, you might stay logged into apps that contain banking information, credit card details, and more. Have you wondered what would happen if someone were to get their hands on all of that information? Given that 70 million smartphones are lost each year, it’s a real concern.
One of the best ways to keep your information safe is to have nothing important on the phone, although this is nearly impossible. The next best option is encryption. Encrypting your device will mean that the information stored on it is unreadable to anyone but you. This means you can prevent someone for using it for malicious purposes, including extorting you with comprising photos, using your credit card details to make purchases, or using personal information in identity theft. With your phone encrypted, it would be a huge undertaking for anyone to access your information. In most cases it simply wouldn’t be worth their time.
No doubt, if your device does fall into the wrong hands, you’d like to have the peace of mind that your information remains safe. In this post, we’ll explain how you can encrypt your iPhone, Android phone, or Windows Phone.
How to encrypt your iPhone
Thankfully, Apple makes things rather simple by building encryption into its operating systems. This means that all you have to do to encrypt your iPhone is set your passcode. If your device falls into the wrong hands, the third party will need your passcode to decrypt the contents of the device. This includes everything from contacts, images, and calendar information to call logs, text messages, and emails.
How to set up or change your Touch ID and passcode
Here are steps to encrypt your iPhone by setting or changing your Touch ID or passcode:
1. If you haven’t already, to set or change your passcode, go to Settings > Touch ID & Passcode (or Passcode for older devices).
2. If you’ve already set a passcode before, you’ll be prompted to enter it. In the resulting screen, you’ll see options for when to use touch ID and the ability to add multiple fingerprints. Note that if you set up touch ID, you still need a passcode as well. This will act as a backup and enable you to bypass touch ID if you want.
3. Below the Touch ID settings are options to Turn Passcode Off and Change Passcode. Select the latter and you’ll be prompted to enter your old passcode if already set up.
4. Next you can create your new passcode. By default the number keypad pops up, so it’s easy to think you’re limited to numbers only. However, if you click on Passcode Options, you’ll see you can choose from Custom Alphanumeric Code, Custom Numeric Code, and 4-Digit Numeric Code.
An alphanumeric passcode that has more than six characters will be the most difficult to crack. Although, this does mean having to switch between keyboards when entering your passcode, so might be a nuisance for some users.
5. To confirm that the data on your device is encrypted, you can scroll to the very bottom of the Touch ID & Passcode screen, where it should say “Data protection is enabled.”
Note that although the data is encrypted, Apple used to be able to extract some data under certain circumstances, such as requests from law enforcement. However, for devices running iOS 8.0 and later, this is no longer a possibility as “Apple does not possess the encryption key.”
Enable the delete data failsafe
A neat feature built into the most up-to-date versions of iOS is the option to erase all data on your device after 10 failed passcode attempts.
To switch this on, go to Settings > Touch ID & Passcode and scroll towards the bottom of the screen. Here you’ll see the Erase Data feature that can be simply toggled on and off.
Warning: This really will erase all of your data, so if you enable it, be certain that all of your data is backed up. Also, it’s not a good idea to use this feature if young kids have access to your phone. The “game” of hitting numbers and watching those little circles fill up is surprisingly addictive to a three-year old and could cause you a lot of hassle when your device is wiped.
Back up to iCloud
While sending your data to the cloud might sound unsecure, it’s actually a smart thing to do. Apple encrypts the data in its backups, so that it can only be accessed using your Apple ID and passphrase. This is different from the passcode above and is the one you would use to do things like access your online account, buy premium apps, or make in-app purchases.
Backing up your data makes it easy to recover if your device is ever lost, stolen, or damaged. You can perform a manual backup or set your device to back up daily to iCloud in a few simple steps:
1. Ensure you’re connected to a wifi network.
2. Go to Settings > [name (yours)] > iCloud > iCloud Backup.
3. You can toggle the iCloud Backup switch to enable automatic daily backups of your data when your device is connected to a wifi network. If you want to perform an immediate backup, you can hit Back Up Now. Just make sure you remain connected to wifi until the backup is complete.
Encrypt iTunes backups
iTunes backups offer an alternative way to back up your device. You can read more about the difference between iTunes and iCloud backups in Apple’s documentation, but one of the major difference is that iTunes backups aren’t encrypted by default. However, there is the option to encrypt them, and by doing so, you open up the option to backup up otherwise disallowed data such as health data, passwords, and website history.
To do this, you have to turn on the Encrypt backup option within iTunes when you connect your device to your Mac or PC.
How to encrypt your Android phone
Some Android devices are similar to Apple offerings in that they are automatically encrypted when you set a passcode for the device. However, others are not, some of which can be encrypted manually.
Set or change your password
If your device falls into the first category of encrypting automatically, instead of just having the option of a passcode, you can set a PIN, pattern, or password. Note that using the swipe option for your screen lock (where you simply swipe your finger to open it) does not offer protection in the form of encryption.
Here are the steps to set or change your password:
Note: These instructions are for Pixel and Nexus phones and may vary slightly for other Android devices.
1. Go to Settings > Security & Location > Screen lock.
2. Here you can choose the type of screen lock you’d like to use (PIN, pattern, or password). A long alphanumeric password will give you the most protection as it will be more difficult to crack than something like a four-digit PIN. Note that if you’ve set a screen lock already, you’ll be prompted to enter it before arriving at the selection screen.
3. You can then follow the on-screen instructions to set your new screen lock.
In addition, you can opt to change your screen lock settings by tapping the settings icon next to it. These include power button locking, automatic lock timing, and a lock screen message.
If you want to take advantage of a fingerprint sensor on newer Android phones, you can set up your fingerprint(s) by going to Settings > Security & Location and selecting Pixel Imprint or Nexus Imprint. This may simply say Fingerprint or something similar for other Android models. As with Apple devices, a fingerprint needs to be accompanied by a backup option, in this case a PIN, pattern, or password.
Encrypt your device manually
If you have an older device, such as a Nexus 10 or earlier, then it won’t support encryption by default. However, it is fairly simple, although a bit time-consuming, to encrypt it manually. Before you do, you need to decide if it’s worth it because there are a few downsides.
First, encryption can diminish the performance of the phone and cause booting up the device to take a lot longer than normal. Plus, the encryption may not be completely foolproof and Android phones have been known to be susceptible to freezing cold boot attacks.
Finally, if you have to undo the encryption, you’ll have to do a factory reset, which means complete loss of your data. As such, no matter what device you’re using, you should do a full backup, just in case.
If you decide you still want to go ahead, here are the general steps to encrypt your Android device:
Note: Ensure you have ample time to spare as this could take more than an hour to complete.
1. Plug in your device to charge — the encryption option won’t be available if your battery isn’t charged or the device is not plugged in.
2. Go to Settings > Security & Location.
3. Under Encryption, you’ll have the option to Encrypt phone (or Encrypt tablet). Select this option and review the information provided.
4. Select Encrypt phone and enter your PIN, pattern, or password, and hit Continue.
5. Hit Encrypt phone one last time and the encryption process should begin. Once complete, you’ll need to enter your screen lock PIN, pattern, or password each time you start your phone.
Encrypt your SD card
If you want to avoid having to encrypt your device, another option could be to only keep sensitive data on encrypted SD card. Some Android phones enable users to encrypt their SD card via their device.
To do this, simply go to Settings > Security > Encrypt external SD card. You’ll have the option to decide which types of files are encrypted, for example images and videos.
Once the card is encrypted, it will no longer be readable by a card reader. However, unlike device encryption, SD card encryption is reversible. This could be a good thing in that you’re less likely to lose data, but it does make it slightly less secure.
How to encrypt your Windows Phone
If you have a Windows Phone that runs Windows 10 Mobile, then you’ll have the option to encrypt your device or SD card. Windows uses BitLocker technology to encrypt the operating system, plus files and folders you store on your phone.
Enable device encryption
Unlike in the newer versions of iOS and Android, the Windows 10 Mobile encryption feature is disabled by default, although it is simple to turn on.
Here’s how to enable device encryption on your Windows Phone:
1. If you haven’t already set a PIN for your phone, you should do that now. To do this, go to Settings > Sign-in options and select Add under PIN.
2. Then go to Settings > Update & Security > Device encryption.
3. In the Device encryption screen you’ll see a toggle button which you can simply move to the on (right) position.
Encrypt your SD card
As with some Android phones, Windows Phones running the latest Windows 10 offer the option to encrypt your SD card.
1. To find this feature, go to Settings > Update & Security > Device Encryption.
2. Select Encrypt SD card.
Does encrypting my device mean I don’t need a VPN?
A Virtual Private Network (VPN) encrypts all of the internet traffic going to and from your device and channels it through an intermediary server. A VPN has two primary functions. The encryption provides security as no one can spy on your internet traffic. The fact that traffic goes through an intermediary server means you can spoof your location, which helps you unblock geo-blocked content and bypass country restrictions.
If you’re primarily looking at a VPN for the security factor, you may be wondering if you still need it when your device is encrypted. The short answer is yes. Device encryption only encrypts the contents of the phone and not the traffic going to and from it. For example, your emails and messages won’t be encrypted, and your ISP, hackers, or other snoopers can still see which websites you’re visiting. To encrypt your internet traffic, you’ll need to use a VPN.
Image credit: “CyberSecurity” licensed under CC BY 2.0