Skip to main content

How to Improve android security

How to Improve Android Security

More and more people rely on their smartphones not just for pleasure but business as well. Some people even sleep with their phones as they cannot comprehend the loss of their valuable data, be it, contacts, family photos or even bank apps. It is no secret that using a lock screen with a strong password is the very first step but that is not the aim of this guide. In this guide, we will talk about security options that keep your device safe from online hacks and attacks.

1. Normal Password or Better Two-Factor Authentication

Whichever app you use whether it is for your bank or a government entity, always use two factor authentication if provided. It is very important because this provides an extra layer of protection that will come very handy not only when you want to reset your passwords but even if a hacker manages to find your username and attempts to reset the password he will be faced with a very difficult hurdle.

Beware of hackers and other malicious entities who will use Two-factor authentication to lure you into believing that they can send you SMS messages to show you that they are the real authority. When in reality, just about anyone can request a password reset text message if you have setup a phone number as part of your TFA.

2. VPN or Better Private VPN Server 

Use a public VPN service to encrypt your internet connection but beware of many free services as a malicious hacker could setup a fake VPN service which will be snooping on all your traffic and may even be able to intercept your SSL connection through reverse proxies or forward your requests to malicious DNS servers that could lead to phishing attacks.

My Unpopular opinion but very powerful is to have your own VPN server. While Virtual Private Servers have become pretty cheap some almost 5$ per month, you can easily set it up as your VPN server if you are willing to follow a few tutorials. If you are interested in such a tutorial for yourself, leave a comment below and I will write such a tutorial. Anyways, this should be cheaper than most VPN providers on the market and completely within your control. So long as you do not offer your VPN sever to the public it should fall under acceptable terms of use but nonetheless check with your VPS provider.

3. Password Manager or Encryption App

Common advice is to use different password for the different services you use. Common Advice is also to never store or write these passwords down. Many passwords and unreliable human memory is a very good recipe for disaster. Most of the articles on the web will then suggest a password manager and will even suggest such a wonderful PM app that you can rely on. But my advice is once again different.

Some of these password managers store your passwords in an online vault and hence need internet connection which is simply another possible backdoor. The most secure computer/server/mobile is the one which is switched off. I also always suggest not to blindly rely on these password manager as no one knows how they are storing it and who has access to it. A good password manager will lock all your passwords behind a master password but unlike the real world where you can physically block access to a room behind a key, this is not possible in software. You must use encryption where the master password becomes the key to decrypt encrypted data into the passwords for use. For convenience these password managers also automatically pick the password for you which like the internet connection can be a potential security hole. Take the matter into your own hands.

I instead suggest to avoid using password managers and find novel encryption algorithms that only encrypt the data for you, does not send it anywhere and does not do anything automatically with it. Once encrypted, you store this encrypted password on a device and tuck it away in a safe place. Only consult that device if you forget the password, do not use it for every day use. This is the safest option as even the most sophisticated hacker out to get you will cry his eyes out.

As developer of Dexacrypt, you can use it to perform the first step and encrypt any password then you can copy that encrypted password into a device of your choice a phone, another computer, somewhere in your VPS or a file in an online drive. As long as only you know the encryption key and location of where you are storing your passwords, none can hack them out.

4. Physical prevention of loss of phone or Better Emergency contact info & Find MY Device 

Losing a phone can literally be a life ending scenario. A lost phone ending up in the hands of a hacker is a treasure chest filled with all kinds of goodies. While there is no way to prevent losing a phone as we are human, we have to focus on its cure or recovery. The two options for recovery is to include emergency contacts which you can find in the About Phone section of your system settings, then find and tap the line labeled "Emergency information." and add an emergency contact — a close friend, family member, significant other etc. The other option is to use find my device which should be enabled from settings and as long as you're able to sign into your Google account, you'll be able to find your phone's last known location on a map and manage it remotely within a matter of seconds.

Conclusion

Above you will find some conventional & unconventional wisdom regarding your device security from an actual Android App Developer. Although I suggest my apps for download, it is in no way to simple make money off of you or from some sponsor. I wrote this article to promote my app and to explain why it would be a better option than third party password managers.

Comments

Popular posts from this blog

Top Android Encryption Apps

After I released my own android encryption app called Dexacrypt , I wanted to see what else was available on the market. Although, I thought my idea was unique there are already a large number of encryption apps on the market. Let's review some of them and rank them.  In this post, we will only look at message encryption apps and not advanced apps such as Surespot or SSE that provide file encryption or messaging. Meet the Contenders: Encrypt Messages And Text This app was last updated in November 2021 and has more than a 100,000 installs. Many reviews praise its simple UI and small size, however one user has specified that the latest version no longer works on Android 12. Secret Message - Encrypt/Decrypt Messages This app has a slightly larger size of 12 MB but only has 5000+ installs. The top review says and I quote, I am sorry but this is not as easy or self explanatory as it should be. You need to grab someone and hand them a phone and watch their expression. Ouch! maybe h...

Beware: Those who use chatGPT for their exams or work!

ChatGPT struggles with prime numbers! While trying to understand how the public private key cryptographic architecture works using chatGPT, I asked what is a coprime number after chatgpt explained its use in the said architecture. Here is the response in all its glory: Two numbers are said to be coprime (or relatively prime) if they have no common prime factors other than 1. In other words, their greatest common divisor (GCD) is 1. For example: 8 and 15 are coprime because their only common factor is 1. 14 and 15 are coprime because they share no common factors other than 1. 10 and 21 are not coprime because they both have 1 as a common factor. Looking at the first and then the last example which is supposed to be a counter-example as to what is not a coprime number, we can clearly see that chatgpt gives the same reason for each case i.e they only have 1 as a common factor. After further investigation, chatgpt replies: Apologies for the confusion. You're correct. 10 and 21 do not h...

GameDev Lessons: Endless Runners Part 1

Every Game Developer probably starts with an endless runner and there are many tutorials on the internet to do just that but after building a few myself, I can tell you that most of those tutorials are filled with bad advice which from a learning point of view makes sense to help a beginner get the concepts quickly but in the long run they can turn things into a gruesome mess which becomes a chore to update or improve upon. It is my opinion that although a tutorial should have instructions that are quick and easy to replicate, it is much more important to organize the code and assets in such a way that they can be easily built upon. Almost every tutorial at the end of the day should be self contained as much as possible so that they can be easily changed by the person following it. This means, instead of simply uploading a zip file containing the whole project, each part of the tutorial should be organized in such a way so they can be easily copied into an existing project. Now with th...