Set a password or PIN screen lock and a timeout

Without screen lock, anyone getting their hands on your device will have complete access to everything on it, and you can not enable on-device encryption.

Touch or retinal scans to unlock your phone without needing to enter a password (passcode, PIN) is nice, but in some countries biometric authentication methods are not protected the way passwords are. In these countries, law enforcement can not compel someone to enter a password to unlock a device without a search warrant, but they can for access by touch or retinal scan.

In addition, for all people in all countries, raw biometrics data in the form of fingerprints, face or retinal scans or voice recognition, for example, is analog data until a biometric system converts it to digital data that a computer can then process. This data must be stored somewhere. The convenience of biometric authentication is only worthwhile as long as the data being stored remains secure and untapped. For single-user devices, like an Android, this data can be stored on the local device. And if data is stored somewhere, it could potentially get stolen. If the worst happens and your PIN or password get stolen, you can easily change them. What are you going to do if your fingerprint or Iris scan get stolen?

Depending on your Android:

  • Settings -> Privacy -> Lock Screen -> Screen Lock Type -> Select one of the screen lock types (OR)

  • Settings -> Security -> Screen lock (OR)

  • Settings -> Lock screen

And somewhere else in your settings (maybe Display), set a screen timeout.