Not Just For Secret Agents and Celebrities: Phone Encryption Explained

April 8, 2020  |  Dashlane

Does phone encryption make you think of secret agents, influential billionaires, and celebrities with something to hide? If only that were the case. The fact is, even if you don’t work in a high-security-clearance-required type of job, and even if your mobile device isn’t full of dirty secrets, there’s still plenty of data on your phone that could prove to be a treasure trove for cyber criminals. Consider this your ultra-quick crash-course on encryption.

The easiest way to think of encryption is that it takes the information on your phone and it translates it into a secret code. Unless you have the exact formula to the code, then everything looks like gobbledigook. If you’re familiar with the work of Alan Turing (and/or if you saw The Imitation Game), then you get the concept. With your phone, though, the only thing that knows the secret code is…your phone. You enter your password, and the phone applies its decryption code so you can access all of your stored data.

These days, most phones use what is known as 256-bit encryption, which is considered military grade. If trying a brute force attack, it would take even the world’s fastest supercomputer millions of years to exhaust all of the permutations of 256-bit encryption. That being said, the FBI, and probably other high-level organizations, have found ways to break into encrypted phones, but they would have to be highly motivated to do so.

You might think that you don’t have anything worth encrypting. You don’t have any deep, dark secrets. You aren’t a high-profile millionaire. You don’t have any shady dealings. Unfortunately, each of us has data on our phones that could be deemed worthy of stealing, from financial information, to passwords, to our upcoming schedule, to the information for all of our contacts. All of that can be sold, and can be used to wreak havoc on your life, from identity theft to harassment.

But there’s another reason for average people to encrypt their data: It normalizes security. If only a few people are using encryption then it looks like they have something to hide (or something worth stealing, if you’re a baddie), but if everybody is doing it, then we all just appear to be normal, security-conscious people. Plus, there’s really no disadvantage to encrypting your phone. It doesn’t slow your phone down in any noticeable way, and it will be far more secure if it ever does fall into the wrong hands.

Here’s some good news: Chances are your phone is already encrypted. iOS devices have been using encryption by default for many years. Android was a bit slower to jump on the bandwagon, but most devices based on Android 6.0 or higher are encrypted. There’s so much differentiation within the Android ecosystem, however, that it’s worth checking. Here’s how to do it:

Android
Again, because there are so many different Android manufacturers, different phones will have somewhat unique menu systems, but you should be able to find it in more or less the same way.

From there your phone will show if it’s already encrypted. If not, click Encrypt Device and follow the instructions. You’ll need to select a secure PIN for your phone if you haven’t already (and you really should have).

iOS
Your iPhone is almost certainly already encrypted, but if you bought it second-hand or it was issued to you by your company, then it might be worth double-checking, just to be sure.

Encrypting your phone doesn’t mean you don’t need to practice other safe habits, and you still need a secure pass code, but it’s a little setting that can make a big difference to your security.

Dashlane

Dashlane is a web and mobile app that simplifies password management for people and businesses. We empower organizations to protect company and employee data, while helping everyone easily log in to the accounts they need—anytime, anywhere.

Read more