Skip to main content

Reading is great. Tracking makes it stick. Sign up for a free Dashboard to tick off tasks and see your Security Score.

Get my free Dashboard →
Secure ConfigHigh priority

About 5 minutes to complete

Set a strong screen lock on your phone

Set a PIN, password, or biometric lock on your phone so that no one can access it if it is lost or stolen. A screen lock is the single most important protection on a mobile device.

Why this matters

Your phone contains your email, banking apps, photos, and the ability to reset almost every other account you own. Without a screen lock, anyone who picks up your phone has immediate access to all of it. A strong PIN or biometric lock takes thirty seconds to set up and is the most impactful single step you can take for phone security.

How to do it

  1. On iPhone: go to Settings → Face ID & Passcode (or Touch ID & Passcode on older models) → Turn Passcode On. Choose a 6-digit PIN as a minimum — or a custom alphanumeric code for stronger protection.
  2. On Android: go to Settings → Security → Screen Lock. Choose PIN, Password, or Pattern — PIN or Password is stronger than Pattern.
  3. Enable biometrics (Face ID or fingerprint) as a convenient alternative — but always set a PIN as the backup, since biometrics can fail.
  4. Avoid using obvious PINs such as 1234, 0000, or your birth year.
  5. Test that the lock works by locking your phone manually and confirming it asks for your PIN or biometric before granting access.

Need a more detailed walkthrough?

Our step-by-step guide explains each action in full detail, with confirmation steps and related tasks.

View full step-by-step guide →

Cyber Essentials framework

This task falls under the Secure Configcontrol, one of five areas assessed in the UK's Cyber Essentials scheme. Completing it counts toward your Cyber Essentials alignment. Create a free account to track your progress across all five areas.

Frequently asked questions

Is a PIN strong enough, or do I need a password?

A 6-digit PIN is good enough for most people. Avoid obvious patterns such as 123456, 000000, or your birth year. If you want stronger protection, use an alphanumeric password; a 6-digit random PIN combined with Face ID or fingerprint is a practical, secure choice for everyday use.

Is Face ID or fingerprint unlock safe?

Biometric unlock (Face ID, fingerprint) is safe and convenient for everyday use. It protects you from casual access: someone picking up your phone cannot unlock it without your face or fingerprint. Always set a PIN as a backup, since biometrics can fail in certain conditions such as wet hands or bright sunlight.

What happens if someone forces me to unlock my phone?

On iPhones, press the side button and either volume button five times to trigger Emergency SOS; this also temporarily disables Face ID and requires a PIN instead. On many Android phones, rapidly pressing the power button five times triggers a similar lockdown. Check your phone's emergency settings to see what is available on your device.

Should I use the same PIN for my phone and my bank card?

No. Use a different PIN for each. If someone sees you enter your bank card PIN, you do not want that same number to unlock your phone, and vice versa.

On an Android phone? How to set up screen lock on Android

Track your security score for free

Create a free Cyber Nova AI account to tick off tasks like this one, see your Security Score, and stay on top of what you've done and what's still to do.

Start your free security check