One of the first things that I decided to do of after getting my new Samsung Galaxy Note 2 smartphone was to protect the data stored on the phone's memory space from unauthorized access. Phones by default are only protected by the PIN, which may protect the phone just fine if it is not turned on. If the phone is turned on though, an attacker can access all of the data stored on the phone without having to enter a single password or PIN first.
Setting a lock screen password is however just one of the steps that you should undertake to protect your phone from unauthorized access. While it may keep out people who got hold of your phone in first place, it may not protect the actual data on the phone's storage device. You need to encrypt the data on the phone to make sure that the data can't be dumped by a third party.
Encrypt your Android Phone
A few requirements have to be met before you can go ahead and encrypt the data on your phone:
- Your Android phone needs to support encryption. I'm not 100% about that but I think encryption was added in Android 3.0. You may alternatively want to check out third party encryption apps. Update: It was added earlier in Android 2.3.4.
- You need to set a lock screen password or pin.
- Your phone must be connected to a power source.
Setting a lock screen may be enough if you do not have overly sensitive data on the phone. Regular attackers won't get past the lock screen which leaves them with the option to reset the phone and all the custom data that was saved on it.
1. Setting the lock screen password
On the Samsung phone, you tap on the Settings button and select Lock screen > Screen Lock from the options page. Here you need to select how you want to protect the phone when it is locked. Available for selection are protection by pin, password, pattern or other methods. Select password protection here and make sure the password has at least six characters of which one is a number. I highly suggest to increase the number of characters to the maximum number of 16 characters to improve security.
Once you have set the password, you will be asked to enter it whenever you turn on the phone, or want to continue your work after a time of inactivity. This may be inconvenient but that is a small trade-off for better security.
2. Encrypting the Android phone
You need to plug in your phone and make sure that the battery is charged before you continue. The option to encrypt the phone is grayed out otherwise. A click on Security > encrypt device under Settings opens the configuration menu where you can start the encryption process. Please note that it may take an hour or more to complete.
You can encrypt accounts, settings, downloaded applications, and their data, media, and other files. Once you encrypt your device, a password will be required to decrypt it each time you power it on.
Encryption takes an hour or more. Start with a charged battery and keep device plugged in until encryption is completed. Interrupting may cause you to lose some or all data.
Set an unlock password of at least 6 characters, containing at least 1 number.
You are asked to enter the unlock password after tapping on the encrypt device button. The next screen offers information about the consequences, and an option to run a fast encryption instead of a full device encryption. A fast encryption will only encrypt the used memory space and not all the device space.
Encrypt device? This operation is irreversible and if you interrupt it, you will lose data. Encryption could take an hour or more, during which the device will restart several times and cannot be used.
Fast encryption: If you select this option, only used memory space will be encrypted.
You need to wait until the encryption completes before you can start using your phone again. Make sure it is connected to a power source throughout the whole process to avoid power failures and resulting data loss. If you want to be on the safe side, consider backing up your Android phone before you start the encryption of storage space. Samsung smartphone owners can use Samsung Kies for that. Make sure the backup is stored safely as well.
If you are using external SD cards, you may want to consider encrypting those cards. The option is available under Security as well.