Skip to content

Android

Prerequisites

  • Install a Password Manager
    • To store a unique, strong password for the phone that is also easy to enter.

Make sure your device receives updates!

Operating system updates are critically important.

If you are not using the latest version of your operating system, your device is not considered secure!

Make sure your device receives updates and is running the latest version.

If your device no longer receives updates, it must be replaced!

Security features supported by Android devices are fragmented. As a result, not all devices can provide equal security, and it may be possible to extract data without the user's password.

Therefore, it is recommended to use only devices that meet all security parameters supported by Android. One such feature is StrongBox, which means the device has an additional Security Chip (TPM) that protects user information and is resistant to unauthorized data extraction.

An incomplete list of Android smartphones that have such a Security Chip (TPM) can be found at this link

Google Pixel

Among Android smartphones, Google Pixel is, generally, the most secure, because they follow all recommendations proposed by Android.

Other manufacturers are not required to follow these recommendations.

Pixel smartphones also, compared to other Android devices, receive updates the fastest and for the longest period.

System configuration

Password

Android limits the maximum password length to 16 characters, so we will use short syllables randomly selected by a computer, making it practically impossible to crack, while you'll only need to enter it once every 72 hours.

Use Biometric Authentication

  Disabling Face ID / Touch ID (iOS/macOS) or fingerprint (Android) not only significantly reduces convenience but also pushes you toward using a simpler password

  This also increases the risk of password exposure, since you will need to enter it more frequently in public spaces

  Your device's security depends on the strength of its password. Especially when the device is powered off

  After powering on from a shut-down state, Biometric Authentication won't work anyway until you enter the password at least once

  Therefore, it is better to use a strong password combined with Biometric Authentication, and in case of a threat, simply power off the device

Creating a new password

  1. Generate a new mobile password with the FOI Password Generator

    Tip

    Press the generate button until you get a password whose last word you can easily memorize.

    FOI Password Generator

  2. Since the password length is limited on Android, instead of separating with a dot or space, start each word with a capital letter

  3. Memorizing the password:
    • Write the first three syllables on paper
    • Memorize the last word
    • After memorizing all four words, destroy the paper
  4. Saving the password in Bitwarden:
    • Create a new entry, give it a name (e.g., My Pixel 9 Password)
    • Enter the full password in the Password field
    • Click Save button

Changing the password

Google Pixel instructions are used. On your device, changing the password may be done from a different location

  1. Open Settings
  2. Go to Security and Privacy > Device Unlock
  3. Select Screen Lock > Password
  4. Enter the existing password
  5. Enter the new password. Since the password length is limited on Android, instead of separating with a dot or space, start each word with a capital letter

Rules for writing your password on paper

Stealing a piece of paper is easy, so write down only the first three words on paper. Memorize the last, fourth word immediately.

Writing your password on paper is only a temporary solution and carries risks:

  If an attacker knows three of the words, it significantly reduces your device's security!

  This is a temporary solution only for the period until you fully memorize the password

  Store the full password securely in a Password Manager, where it is protected by your Master Password

  Memorize all the words as quickly as possible and destroy the paper

DNS

FOI Security Policy will add two Encrypted DNS servers to the device — Cloudflare and Adguard.

Visit the DNS page and configure the necessary settings.

VPN

Visit the VPN page, install the VPN provider's application and connect to a server.

Help