How can I best secure an Android phone?

Question

I'm a long-time iPhone user who has recently been using a Pixel 4a. I've always appreciated that iPhones are "secure by default" (more or less) and I want to replicate that, if possible, on Android. Are there any defaults that I must change, or any dumb settings that put one at risk? I'm having trouble finding up-to-date Android security recommendations from competent sources, that are not just security theater...Thanks!

jkonline · Accepted Answer

I concur with @Dah00n, it really depends on your definition of security.
Another great security-focused distro is grapheneOS[1^] and HowToGeek has a good rundown[2^] of some fundamental security configurations (albeit a bit dated).
(For comparison, I personally don't feel that "Only use Google devices" is security-forward. Quite the opposite IMHO).
Then again, if an iPhone is something you consider more or less secure by default, then the above probably does indeed cut the mustard.
[1]: https://grapheneos.org/
[2]: https://www.howtogeek.com/366653/how-to-make-android-as-secu...

giantg2 · Answer

You can use a security targeted distro, like copperheadOS.
You can use the regular built in stuff, like device encryption, long pins, adjusting the privacy settings, and adding/removing apps for best security.
Then there's this for general tips. https://anonymousplanet.org/guide.html

Dah00n · Answer

It depends on how you define security. Are you talking about privacy maybe? Because there are more 0-day exploits for iphones than pixels so for security you are already ahead.

Raed667 · Answer

Really depends on your threat model. But here are some very generic steps:- Only use Google devices- Enabled disk encryption- Only use password unlock (instead of fingerprint or face unlock)

How can I best secure an Android phone?

You can use a security targeted distro, like copperheadOS.You can use the regular built in stuff, like device encryption, long pins, adjusting the privacy settings, and adding/removing apps for best security.Then there's this for general tips. https://anonymousplanet.org/guide.html

It depends on how you define security. Are you talking about privacy maybe? Because there are more 0-day exploits for iphones than pixels so for security you are already ahead.

Really depends on your threat model. But here are some very generic steps:- Only use Google devices- Enabled disk encryption- Only use password unlock (instead of fingerprint or face unlock)

You can use a security targeted distro, like copperheadOS.
You can use the regular built in stuff, like device encryption, long pins, adjusting the privacy settings, and adding/removing apps for best security.
Then there's this for general tips. https://anonymousplanet.org/guide.html

Really depends on your threat model. But here are some very generic steps:
- Only use Google devices
- Enabled disk encryption
- Only use password unlock (instead of fingerprint or face unlock)