Your phone or tablet holds a lot of personal data about you and your life. Text messages, personal and business contacts, emails, credit card information, private photos and videos — all of these represent snippets of your life, and you wouldn't want just anyone to have access to them.
There are several important ways to keep your phone safe against threats, including setting a strong lock screen passcode and checking permissions requested by apps. But, as we've seen in the ongoing battle between the U.S. government and Apple, WhatsApp and others, one of the most effective ways of making your data useless to anyone who gets hold of your phone or tablet is to encrypt it.
What is encryption?
To describe it simply, encryption is the process of jumbling data using an encryption key available only to you in such a way that the information is no longer recognizable or understandable. When you need to use your data, the reverse process of unscrambling, known as decryption, uses your unique encryption key to bring it back to a readable state.
You can think of encryption as a secret code known only to you. If someone were to steal your private journal, the thief wouldn't be able to understand what’s in it without knowing the secret code you used to encrypt it.
Why encryption is important
Even if you’ve locked down your phone with a strong alphanumeric password, the data behind that wall of defense are still readable — your emails, text messages, photos, everything. So unless you have encrypted your phone, a knowledgeable thief can use various means to crack or bypass your password and then harvest your data.
Since encryption garbles information, it adds another layer of protection to your information by rendering it unusable by anyone who doesn't hold the key to un-garble it.
Governments encrypt classified information. Businesses guard their corporate secrets with encryption technologies. Doctors and lawyers use encryption to prevent client data from falling into the wrong hands. You can use encryption to shield your personal information against identity and data thieves. In fact, the United Nations Commission on Human Rights considers encryption a human right because it “provide[s] the privacy and security necessary for the exercise of the right to freedom of expression in the digital age.”
If you are preparing to sell or give away your mobile device, encrypt it before resetting it to its factory state, especially if it's an Android device. Even a full factory reset won’t completely wipe out your personal data. Security company Avast found that information you thought had already been wiped clean still remains on your Android device even after a factory reset. The company’s researchers were able to extract photos, emails, text messages, search histories, personal identities, contacts and more from used Android phones they bought from eBay. Researchers at the University of Cambridge have also found that remnants of your “deleted” data can actually be used to log in to your accounts.
You can avert the potential for data breaches like these by encrypting your mobile device.
How to encrypt your iPhone or iPad
Apple devices running iOS have encryption baked into the OS and file system itself, but you need to set up a lockscreen passcode. Go to Settings > Touch ID & Passcode. There, turn on the Passcode feature. Disable Simple Passcode so that you can use longer alphanumeric passcodes that are harder to crack. While you're at it, set the Require Passcode option to Immediately.
Afterwards, return to Settings > Touch ID & Passcode and scroll down to the bottom. Here, enable the Erase Data option so that your data will be automatically wiped after 10 failed passcode attempts. You should also see “Data protection is enabled” below the option. This means that data encryption is now active and uses your designated passcode as part of the encryption key. Now no one will be able to hand over your data because only you know your passcode.
How to encrypt your Android phone or tablet
On Android devices, the steps are similar. Here’s how to do it for Android 4.3 Jelly Bean, Android 4.4 KitKat and Android 5.0 Lollipop:
- Plug in the phone’s power charger. Initial encryption consumes a lot of battery power, especially if you already have a lot of existing data on your phone. You don’t want to run out of juice in the middle of the encryption process or you could lose data.
- Go to Settings > Security. (The location may vary on some devices.)
- Tap on Screen Lock and select PIN or Password from the list.
- Designate a PIN or password. We recommend a password at least six characters long and using both numbers and letters.
- Scroll down to “Encrypt phone/tablet,” then tap “Encrypt SD card” to tick its checkbox. Tap the Next button and confirm your choice on the next screen by typing your PIN or password when prompted.
- Tap the “Encrypt phone/tablet” button to begin encryption.
Initial encryption can take 30 minutes to about an hour, depending on how much data you have. Your phone or tablet will reboot a few times during the process; this is normal. Just let the process complete. Once encryption is finished, you will be asked for your PIN or password to unlock your device.
Also remember that once you encrypt your Android device, you cannot turn off encryption without performing a full factory reset.
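To confirm from a computer that the steps above took effect, the check below reads the `ro.crypto.state` system property from `getprop` output, either from a saved dump or live over `adb`. It is an added example, not part of the original article; the function names and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example: report Android storage-encryption state from `getprop` output.

# Constructed sample dump in the "[name]: [value]" format that getprop prints.
SAMPLE_DUMP='[ro.build.version.release]: [5.0]
[ro.crypto.state]: [encrypted]
[ro.product.model]: [ExamplePhone]'

# get_prop NAME: read a getprop dump on stdin, print the value of NAME (if any).
get_prop() {
    awk -v key="[$1]:" '
        !found && $1 == key {
            v = $2
            gsub(/\[|\]|\r/, "", v)   # strip brackets and a trailing CR from adb
            print v
            found = 1
        }'
}

# crypto_verdict: read a getprop dump on stdin and print one verdict line.
# Returns 0 only when the device reports encrypted storage.
crypto_verdict() {
    state=$(get_prop ro.crypto.state)
    case "$state" in
        encrypted)   echo "OK: storage is encrypted"; return 0 ;;
        unencrypted) echo "FAIL: storage is not encrypted"; return 1 ;;
        unsupported) echo "FAIL: device reports encryption as unsupported"; return 1 ;;
        "")          echo "UNKNOWN: ro.crypto.state not reported"; return 2 ;;
        *)           echo "UNKNOWN: unexpected state '$state'"; return 2 ;;
    esac
}

# Offline demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_DUMP" | crypto_verdict

# Live check (assumes adb is installed and the device is authorized):
#   adb shell getprop | crypto_verdict
```

A missing or unexpected value is reported as UNKNOWN rather than treated as encrypted, so a device that does not expose the property never passes the check by default.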
Some device manufacturers also allow you to encrypt external SD cards. Samsung and Sony have included this feature in their custom builds of Android. An encrypted SD card works only on the device that encrypted it, so you cannot use an encrypted card on another device. Fortunately, SD card encryption can be undone, unlike full disk encryption of your mobile device. If you want to use your SD card on another phone, you will have to decrypt it first.
If your device runs an earlier Android version, the Lollipop upgrade offers to enable encryption during the upgrade. Otherwise, you must manually enable it after the upgrade. The steps are similar to those for Jelly Bean and KitKat.
If you want to learn the technical details about encryption in Android 5.0, head to the Android developer page about full disk encryption.
For Android 6.0 Marshmallow devices, Google has made full-disk encryption mandatory on devices that support it and requires Advanced Encryption Standard (AES) crypto performance of at least 50 MiB/s. You automatically enjoy the safety of encryption if you own such a device.