Skip to content

General Recommendations

Before entering a high-risk environment

If you expect that your device may fall into the hands of adversaries in a particular environment (e.g., a protest, a border crossing, or any high-risk situation), it is essential to follow several recommendations.

Any encrypted device (laptop, smartphone, etc.) has two modes — Before First Unlock (BFU) and After First Unlock (AFU). The first mode is active when the password has not been entered after a restart, while the second is active when the password has been entered at least once.

The security differences between these modes are quite significant. After the first unlock, extracting information from the device is still possible regardless of how strong a password you have used. The scale of the information depends on the device and its general security, and therefore, we should consider that handing over a device in AFU mode to an adversary is not safe.

  • Follow all recommendations on this site for all your devices
  • Power off all devices left at home

  • Do not disable Face ID / Touch ID! These features are automatically disabled when the device is powered off

    • Explanation: if you can still comfortably use the device after disabling these features, it means you are using a password on the device that can be easily cracked.

The risk of your device falling into adversary's hands is immediate and unavoidable

  • Power off all devices you have with you — in this case, the device will enter BFU state and extracting data from it will be very difficult or impossible
  • If detained, contact a lawyer, but not from your phone! After entering the password, your phone may be confiscated and they will attempt to examine the data on your device. Request to make the call from a different device

If you cannot power off the device in time, activate the special mode on your mobile that will temporarily disable Face ID / fingerprint unlock.

Quick biometric disable

iOS and Android systems have methods to quickly disable Biometric Authentication. In this case, the next device unlock will only be possible with a password.

For Android, the availability of Lockdown mode depends on the device manufacturer. For Android users, it is recommended to use a Google Pixel device, where this mode is confirmed to exist.

  • Press the power button quickly 5 times.
  • Or, alternatively, press and hold the power and volume up or down buttons simultaneously for 5 seconds.
  • Biometric Authentication will be disabled
  • Press and hold the power button for a few seconds, select Lockdown

If your device is lost or stolen

  • Immediately change all important account passwords from another secure device
  • Use the remote wipe function if available
  • Block your SIM card with your mobile operator
  • Notify the relevant authorities (police, employer) about the device loss
  • Cancel any bank cards or financial information that was connected to the device

General security recommendations

Help