Android & iOS security settings, apps, and commands
ESSENTIAL SECURITY
Android: Core Settings
Enable Google Play Protect
Settings → Security → Google Play Protect → Scan apps with Play Protect: ON
→ Improve harmful app detection: ONFind My Device
Settings → Security → Find My Device: ONTrack/erase remotely at android.com/find
Screen Lock (Strongest First)
Settings → Security → Screen lock:
1. Fingerprint + PIN/Password (Recommended)
2. Strong PIN (6+ digits, not birthday)
3. Password (12+ characters)
AVOID: Pattern (smudge attacks), 4-digit PINLockdown Mode (Android 9+)
Settings → Security → Show lockdown option: ONPower button → Lockdown: Disables biometrics, requires PIN
iOS: Core Settings
Find My iPhone
Settings → [Your Name] → Find My → Find My iPhone: ON
→ Send Last Location: ONStolen Device Protection (iOS 17.3+)
Settings → Face ID & Passcode → Stolen Device Protection: ONRequires Face ID for password changes, Apple ID modifications
Screen Lock
Settings → Face ID & Passcode → Require Passcode: Immediately
→ Erase Data: ON (10 failed attempts)ADVANCED HARDENING
Android: Developer Options
Enable Developer Options
Settings → About phone → Build number → Tap 7 timesSecurity-Focused Settings
Settings → System → Developer options:
→ USB debugging: OFF (keep off unless needed)
→ Verify apps over USB: ON
→ Demo mode: OFF
→ Memory: Check usageDisable ADB When Not Needed
# If you enabled USB debugging, disable via ADB:
adb shell settings put global adb_enabled 0iOS: Lockdown Mode (High-Risk Users)
Settings → Privacy & Security → Lockdown Mode: ONWhat it blocks:
- Most message attachments (images load after click)
- Link previews in Messages
- Just-in-time (JIT) JavaScript compilation
- Incoming FaceTime calls from unknown contacts
- Shared albums in Photos
*For journalists, activists, executives *
APP SECURITY
Permission Audit
Android:
Settings → Privacy → Permission manager → Review each permission:
→ Camera: Only messaging/camera apps
→ Microphone: Only calls/recording apps
→ Location: Only maps/ride apps (set to "Ask every time")
→ Contacts: Only email/messaging apps
→ SMS: ONLY default SMS appiOS:
Settings → Privacy & Security → [Each permission]
→ Location Services: Set most to "Never" or "Ask Next Time"
→ Photos: "Selected Photos" instead of "All Photos"
→ Local Network: Deny for most apps
→ Bluetooth: Deny unless neededRemove Unused Apps
Android:
Settings → Apps → [App] → Uninstall
OR
adb shell pm uninstall --user 0 com.package.nameiOS:
Long press app → Remove App → Delete AppNETWORK SECURITY
Private DNS (Android)
Settings → Network & Internet → Private DNS → Private DNS provider hostname:Enter one:
dns.google (Google DNS)
1dot1dot1dot1.cloudflare-dns.com (Cloudflare)
dns.quad9.net (Quad9 - blocks malware)
family.cloudflare-dns.com (Cloudflare Family - blocks adult content)DNS Settings (iOS)
Settings → Wi-Fi → [i] next to network → Configure DNS → ManualAdd servers:
1.1.1.1
1.0.0.1
8.8.8.8Disable Wi-Fi Auto-Join
iOS:
Settings → Wi-Fi → Auto-Join Hotspots: Never
Settings → Wi-Fi → Ask to Join Networks: ONAndroid:
Settings → Network & Internet → Wi-Fi → Wi-Fi preferences
→ Turn off Wi-Fi automatically: OFF
→ Open network notifications: OFFENCRYPTION & BACKUP
Android Encryption
Settings → Security → Encryption & credentials
→ Require PIN to start device: ONModern Android: Encryption is automatic
iOS Backup Encryption
Finder/iTunes → [Device] → Backups → Encrypt local backup: ON
OR
Settings → [Your Name] → iCloud → iCloud Backup: ON
→ Advanced Data Protection: ON (end-to-end encryption)MESSAGING SECURITY
Switch to Secure Messengers
| App | Features | Best For |
|---|---|---|
| Signal | Open-source, disappearing messages, sealed sender | Daily communication |
| End-to-end encryption, 2 billion users | International calls | |
| Telegram | Secret chats, self-destruct | Large groups (avoid regular chats) |
| iMessage | E2E Apple-to-Apple, no phone number needed | iOS users |
Signal Security Settings:
Signal → Settings → Privacy:
→ Screen Lock: ON
→ Screen Lock inactivity timeout: 1 minute
→ Disappearing messages: Default 1 week
→ Read receipts: OFF (optional)
→ Typing indicators: OFF (optional)
→ Sealed sender: ONAUTHENTICATION
Password Manager Setup
Bitwarden (Recommended – Free)
1. Install from Play Store/App Store
2. Create account with STRONG master password (12+ chars)
3. Enable biometric unlock
4. Import passwords from Chrome/Safari
5. Enable Auto-fill: Settings → Auto-fill Services → BitwardenEnable 2FA on Password Manager
Bitwarden → Settings → Security → Two-step login → Authenticator appApp-Based 2FA (Never SMS)
Aegis Authenticator (Android – Open Source)
F-Droid/Play Store → Aegis
→ Add accounts via QR code
→ Enable biometric unlock
→ Export encrypted backup to cloudRaivo OTP (iOS – Open Source)
App Store → Raivo OTP
→ Same setup as aboveBLUETOOTH & NFC SECURITY
Disable When Not Needed
Android:
Settings → Connected devices → Connection preferences
→ Bluetooth: OFF (unless using)
→ NFC: OFF (unless using Google Pay)
→ Nearby Share: OFFiOS:
Settings → Bluetooth: OFF (Control Center doesn't fully disable)
Settings → NFC: OFF (iOS 17+)
Settings → General → AirDrop → Receiving OffForget Old Devices
Settings → Bluetooth → [Device] → Forget/RemovePrevents spoofing attacks
ANTI-THEFT & MONITORING
Android: Find My Device Commands
Website: android.com/find
Actions:
→ Play sound (even if silent)
→ Secure device (lock + display message)
→ Erase device (factory reset)iOS: Find My Commands
Website: icloud.com/find
OR
Find My app on another Apple device
Actions:
→ Play Sound
→ Lost Mode (lock + track)
→ Erase iPhoneCheck for Stolen Status
Android:
Before buying used: Check IMEI at imei.info
Settings → About phone → Status → IMEI informationiOS:
Settings → General → About → IMEI
Check: apple.com/activationlockPRIVACY CHECKUP
Android Privacy Dashboard
Settings → Privacy → Privacy dashboard
→ See which apps used permissions when
→ Revoke suspicious accessiOS App Privacy Report
Settings → Privacy & Security → App Privacy Report
→ Review network activity and sensor accessDisable Ad Tracking
Android:
Settings → Privacy → Ads → Delete advertising ID
→ Opt out of Ads Personalization: ONiOS:
Settings → Privacy & Security → Tracking → Allow Apps to Request to Track: OFF
Settings → Privacy & Security → Apple Advertising → Personalized Ads: OFFADVANCED: ADB COMMANDS
Audit App Permissions (Android)
# List all packages
adb shell pm list packages
# Check specific app permissions
adb shell dumpsys package com.facebook.katana | grep permission
# Revoke specific permission
adb shell pm revoke com.app.name android.permission.CAMERA
# Disable bloatware (keep package, prevent running)
adb shell pm disable-user --user 0 com.carrier.bloatwareCheck for Root/Security Issues
# Verify bootloader status (should be locked)
adb shell getprop ro.boot.verifiedbootstate
# Check for root
adb shell which su
# (Should return nothing if not rooted)SECURITY CHECKLIST
| Task | Android | iOS | Frequency |
|---|---|---|---|
| Update OS | Settings → System → Update | Settings → General → Software Update | Weekly |
| Update apps | Play Store → Manage apps | App Store → Profile | Weekly |
| Review permissions | Privacy → Permission manager | Privacy & Security | Monthly |
| Check Find My | android.com/find | icloud.com/find | Monthly |
| Backup data | Google One or local | iCloud or Finder | Weekly |
| Audit apps | Uninstall unused | Remove unused | Monthly |
| Change passwords | Password manager | Password manager | Quarterly |
⚠️ WHAT TO AVOID
❌ Never jailbreak/root (breaks security model)
❌ Don’t sideload apps (outside Play Store/App Store)
❌ Don’t use public USB charging (juice jacking)
❌ Don’t save passwords in browser (use password manager)
❌ Don’t click SMS links (smishing attacks)
❌ Don’t use free VPNs (often malware/data theft)
BONUS: BATTERY & PERFORMANCE
Android Battery Optimization
Settings → Battery → Battery usage → Restrict background for unused apps
Settings → Apps → [App] → Battery → RestrictediOS Low Power Mode
Settings → Battery → Low Power Mode: ON (or Control Center toggle)Reduces background activity, mail fetch, visual effects