What's your strategy to handle your phone being stolen?
I use an Android phone.
I keep location and mobile data ON when I go outside (so that I can locate it / remotely wipe it). I use the phone's default encryption. Both my SIM cards are locked using a PIN. What else can I do to prevent misuse/data leaks if my phone gets stolen? What's your approach?
Most comments here are "my phone is already stolen because Google bad", or "don't use 90% of the features and you're fine".
Here's an answer for normal users.
Buy a pop socket with a ring, keep your finger in it - it gets difficult to take the phone from your hands. Keep your phone in a closed bag when not in use, on the front of your body, like one of those "fanny pack" things, for example. Keep all your important things synced, and know where to find and how to use the "find my phone" and similar features.
For android, for example, you can remotely find and hard-lock your phone and SIM. Know where to find and how to use that.
Buy a non-Apple phone, or any other phone that isn't highly desirable to thieves. iPhones have a very high resale value.
For Android, you had better keep your 2FA codes in an accessible location if you plan on locking/finding your phone. There's nothing like losing your phone, trying to log into your account from your SO/friend/stranger's phone so that you can get to Find My Phone, and being blocked from taking action because you don't have your 2FA codes on you.
Solutions: First obvious one is to keep a physical copy of your recovery keys in your wallet. Of course, that doesn't help if your wallet is stolen, so the next option that I use:
Keep a KeePass (or equivalent) database in a hosted cloud like Dropbox (that DOESN'T require 2fa), holding your recovery keys. This way your database is protected by two passwords, so that if either are compromised you are still protected. You'll have to memorize both passwords but that's a good tradeoff imo. Then use KeeWeb (preferably a self-hosted one) to access your database and codes.
So the model here is: borrow a phone, log into Dropbox, download KP database, open KeeWeb, open database, and get your 2fa codes. Log into Google (actually, third password you should memorize), and lock/ring/clear your phone.
Immediately mark the device as lost/stolen in iCloud and force a warning message with an alternate contact number.
6-digit PIN, device encryption, cloud backup of my photos and Apple's Find My device feature.
Has worked before fantastically.
I lost my android phone in the park on Thursday afternoon. It was in an area around a cabin selling hot drinks and some food. I went back but no sign of it and the cabin was closed. Tried again the next morning and they had my phone! I was overjoyed but it made me think.
I had logged it out of google and had the chance to stop the SIM - but getting it working again sounded long winded so I didn't.
They said they looked for emergency contact numbers, but I didn't have any set up. I didn't know you could do that, but I have added them.
I later found a call to it I didn't recognise, but realised I had a business card with the phone which they had tried to contact me with, but just called the phone they already had.
All in all I think I was so lucky and they were magnificently kind. So far as I know there is nothing on it I couldn't get back, but I realised that having personal information with it was probably not actually a good idea. I think I am ok with the emergency contacts because I am getting old and may need to be helped one day. I probably should have put a stop on the SIM. Not sure what else I should have learned.
My approach is not taking a phone when possible. No PIN because I am bad at remembering PINs, and no encryption because there is nothing on it except for my nude photos.
In 2014 I had my phone stolen by a couple of homeless people. I had footage of them and printed flyers with their faces clearly visible. I distributed the flyers around the local homeless areas and the thieves actually brought the phone back and left it where it would be found.
The SD card was gone, and they had tried to reset the phone. I was able to get into it with USB debugging and recovered about 3 Bitcoin that was only stored in a wallet on that device.
Don't store important data on your phone unless it's synced.
Make backups.
If you have sensitive data, prefer an iPhone. They're slightly harder to crack and extract the data for the average script kiddie. If you require real security, you're on your own. Very few things stay secure once they're in someone else's hands.
Don't use SMS 2FA.
Store 2FA tokens in your password manager (I use Bitwarden).
Protect your password manager 2FA with a Yubikey. Keep it on your person. Have a spare Yubikey in another location.
Just don't use your phone in such a way that having it stolen would mean your whole digital life is gone. Use it as a radio to call people or emergency services, and use things like the alarm clock or calendar and nothing else.
PIN and standard encryption. I also try not to do anything sensitive on it in the first place. I also take steps to reduce the risk of it being stolen.
4x4 pattern, encryption, multiple backups (rsync via termux is great), disable fingerprint unlock when in transit (lockdown mode). If it happens: grab an old backup phone, visit the carrier store and leave with a new SIM with the old number. Revoke access of the stolen one wherever possible.
If you are using an app on your phone for 2FA, make sure you have its state backed up somewhere else.
It can be very difficult, sometimes impossible, to fix access to an account blocked by lack of access to your 2FA app.
I do not have a phone. Cannot steal what I do not have. Problem solved.
Authy and keepass file stored remotely, pictures backed up to cloud. It'd be really inconvenient, but I try and have nothing I care about only local to my phone.
Among my obfuscated contacts are various entries such as: sexbuddy, hottie across the hall, etc.
Each of them is given the same contact number [911 911 9119].
Prevention. I don't let it get stolen. Never leave it laying around unattended or where it could easily be grabbed by someone.
My phone has effectively already been stolen, because it runs software that has been developed to work against my interests. None of the data on it would I miss losing, because it's not an authoritative copy. None of the data on it would I be upset about someone else having, because the advanced persistent threat of the surveillance industrial complex already has it. Sensitive information would have never been on my phone in the first place.
I would never keep anything important on the phone -- it's a Google Android phone after all -- so the strategy is simply to have the stolen SIM card locked and a new one mailed to me.
Any old mobile phone sitting around would be fine at that point, until I decide to get a new one.