US flag signifying that this is a United States Federal Government website

  Official website of the Cybersecurity and Infrastructure Security Agency

Official websites use .gov

A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS

A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

  1. About NICCS >>
  2. Featured Stories >>
  3. Safeguarding Your Smartphone

Safeguarding Your Smartphone

When the world’s first modern computer—the Electronic Numerical Integrator and Computer, or ENIAC—was introduced in 1946, it filled a 1,500-square-foot room. Today, computers fit in our pockets as smartphones. But as the Internet continues to expand and evolve, increasing convenience and use, risk follows suit. Today, more than 5 billion people have mobile devices, and over half of these connections are smartphones. This means that almost two-thirds of the world’s nearly 8 billion people are texting, video conferencing, navigating with GPS, sending and downloading pictures, watching videos, and using their phones for more than just talking.

With such massive amounts of personal data so easily accessible, smartphone security requires just as much attention as the security of your home or office computer. To protect your devices and personal information, there are some best practices that anyone can use to greatly reduce risk:

  • Use PINs and strong passwords on your mobile device. This is your first line of defense in the event of loss or theft. Set your phone to automatically lock after being idle and use a password manager to store all passwords. With just one master password, a computer can generate and retrieve all your other account passwords.
  • Only install apps from reputable sources. Jailbreaking, installing apps from unknown sources, and other workarounds that allow free access to paid apps and games can be tempting, but can create large security gaps that allow malware to infect your phone, leaving your personal information at risk.
  • Stay current with software updates by applying them as soon as they become available. Besides adding new features, updates also patch security weaknesses and fix other bugs that cybercriminals can exploit.
  • Use multi-factor authentication (MFA). Passwords can be easily compromised—stolen, hacked, even guessed. MFA reduces the risk of others accessing your phone by asking for multiple pieces of information to grant access to a device or account. For example, when you log into your bank’s website, one MFA factor is your debit or credit card number—or “something you have.” To continue, you might then have to answer a security question—or “something you know.” Without these two MFA components, your login will fail. Similarly, smartphone users can use a passcode (“something you know”) in addition to biometric identifiers like facial or fingerprint recognition (“something you have”) to conveniently gain access to their phones and prevent others from doing the same. 

For more tips on keeping your mobile devices and personal data secure, be sure to visit the Federal Communications Commission’s (FCC) Smartphone Security Checker webpage and check out the STOP. THINK. CONNECT.™ (STC) Campaign for tools and tips for online security.