_FULL DISK ENCRYPTION is a security essential for every device. With full disk encryptionA process that encrypts all the data stored on the hard disk of a device while it powers down. This prevents someone without the decryption key from reading or tampering with your device's data. enabled, all the data stored on your phone is scrambled the moment the device is turned off. All that sensitive data — contacts, photos, emails — remain scrambled until the next time your device is turned on and unlocked.
Full disk encryption protects your data from being read or downloaded if your device is confiscated or lost, say, when you’re shooting in the field or traveling across borders. If you’re concerned about your mobile data getting into the wrong hands, there’s some good news: Full disk encryption is available on most mobile phone models, and sometimes it’s even enabled by default.
This is important: The encryption on your phone is only as strong as the weakest link, typically your passcode. We recommend setting a screen unlock passcode with a minimum of 10 numbers and letters. Using a number PIN or pattern option as your default passcode offers less protection, especially if you're at heightened risk of losing control of sensitive data by confiscation, theft, or loss. Here are our recommendations for creating a strong alphanumeric passcode.
Biometric unlock through a fingerprint reader or face scanner is fine for low-risk circumstances (e.g., working from your home office, attending a community panel). Whenever you are going into a situation with a high risk you might be forced to unlock your phone (e.g., border crossing, protest), consider disabling biometric unlock to limit that risk.
iPhone users:
Full disk encryption is automatically enabled on every iPhone, straight from the manufacturer.
Don’t stop there, set an alphanumeric passcode to increase your phone’s security under Settings>Touch ID & Passcode>Change Passcode. We recommend setting a minimum of 10 characters with letters and numbers.
Android users:
To check if you’re covered by full disk encryption, go to Security within your Settings.
Some newer Android devices (e.g., in the Google Pixel line) have full disk encryption enabled by default. To check if you’re covered by full disk encryption, go to Security within your settings.
Depending on your phone’s make and model, you should see an option for Encryption or Encrypt Phone or File-based Encryption. (It might be slightly different, depending on your phone.)
When you first enable encryption, the process can take a while. Confirm that your phone is plugged in and prepare for some downtime before proceeding.
As an added measure, set a strong screen lock passcode on your device. Ideally, set a 10 character passcode, containing numbers and letters.