OneDrive security best practices on your phone: Easy guide

To avoid Microsoft OneDrive security issues when using the app on your phone, let’s take a look at how to increase security and add PINs and biometrics to block unauthorized access to files.

Whether you have the basic free storage space on OneDrive or if you pay for more, such as with a Microsoft 365 subscription, you should protect your files and documents from others who might want to access them, steal them or just cause mischief.

The OneDrive app on an iPhone or Android phone is very useful for browsing the files stored in your online storage space and you can view and manage them. Files can be moved, renamed, shared, and deleted.

A nice feature of OneDrive app for phones is that it can also stream media files, so you can view photos, watch videos and listen to music files you have stored online.

It is hard to imagine anyone not locking their phone and they are usually protected with a password, PIN, fingerprint or face recognition. You might think that this is sufficient to protect your files in OneDrive, but there are situations where it may not be.

You could lend your phone to someone, perhaps even giving it to a child to entertain themselves with some games. You might leave your phone on your work desk or a coffee table when out with friends. Someone might pick it up when you go and get a drink, visit the bathroom and so on. Your partner might know the PIN to unlock your phone – mine does, but I know hers too (don’t tell her!).

What is there to prevent them opening the OneDrive app on the phone and seeing all your personal documents, photos, videos and so on? What if the child you lend your phone to decides it would be fun to delete all your files?

To prevent potential security issues like these, you should lock the OneDrive app on your iPhone or Android phone to prevent anyone from accessing your private files.

The app has all the security features you need, but if you have auto-updates on for apps on your phone, you might not have noticed when they were added.

Here is a guide to the security features you need in OneDrive. I will be using a budget Android phone, a Samsung Galaxy M31, but everything here can be found in the iPhone app too.

1 Go to settings

OneDrive app for Android

Open the OneDrive app on your phone and press Me in the bottom right corner of the screen. Press Settings in the menu that appears. (On the iPhone, tap your Avatar in the top left corner.)

2 Enable Passcode

OneDrive phone app passcode security

Press Passcode in Settings and then turn on the switch to enable security in the OneDrive app. When this is off, anyone that has access to the phone can open the OneDrive app. When it is on, they are asked to enter the PIN. Turn it on.

3 Create a PIN code

OneDRive phone app security PIN

You are asked to create a six-digit PIN code. Do not forget it because you will not be able to open the OneDrive app without it. Store it somewhere safe, such as in a secure note in your password manager.

4 Use biometrics for OneDrive

OneDrive biometrics security feature

You are asked to confirm the PIN you created, then up pops a message asking if you want to use biometrics instead. There are two icons – a fingerprint and face recognition.

You must have a phone that supports one or both of these functions, either fingerprint or face ID, and you must already have them set up. Usually, they will already be set up because they are so much more convenient than typing in a PIN code every time you want to use your phone.

5 View passcode settings

OneDrive phone app passcode settings

The Passcode settings screen appears, but if not, you can come here anytime by tapping Passcode in Settings. One thing you might want to change is Passcode time-out. Press it and select how long you have before the OneDrive app is locked. It can be anywhere from five seconds up to two minutes. Make sure Use biometrics to… is turned on.

Now no-one can open the OneDrive app on your phone without the PIN, fingerprint or face ID.

6 Set up OneDrive Personal Vault

OneDrive Personal Vault

Although the app is now locked, there is still more security that can be added and files can be placed in a Personal Vault. Suppose someone got access to your OneDrive account, perhaps on a computer or a device that did not have much security on it. There might be files you do not want them to see. They can be securely stored in a folder called Personal Vault.

This is an encrypted folder that has its own security settings and it can have a different PIN to the one used to secure the phone app. No-one can access files in Personal Vault, not even Microsoft.

OneDrive Personal Vault in the phone app

If you have not set it up before, tap it to do so now.

7 Create a Personal Vault PIN

Create a Personal Vault PIN in OneDrive on a phone

Although you could use the same PIN as the one used to unlock the OneDrive app, it is best to give Personal Vault its own unique PIN. Store it somewhere safe, like a secure note in a password manager. Be aware that any files you put in there will be lost if you forget the PIN – Microsoft cannot recover it.

8 Add files to Personal vault

OneDrive Personal Vault in the phone app

The Personal Vault opens and there are some ready-made suggestions as to what you should put in there. You can actually store any file you like in it and you do not have to use these suggestions.

If you are using OneDrive for free, you can only put three files in there. However, a zip archive is counted is one file, even though it could contain many files.

9 Personal Vault options

Personal Vault menu in the OneDrive phone app

You can add files later, for now, let’s continue with the security settings. Tap Personal Vault at the top to show a menu and then tap Personal Vault settings.

10 Configure OneDrive Personal Vault

OneDrive personal Vault settings in the phone app

There is an option to manage two-factor authentication and download the Microsoft Authenticator app if necessary, but what we are interested in are the two security settings at the bottom. One is Lock on Exit. Turn it on and Personal Vault is locked as soon as you exit it.

Personal Vault can also auto-lock if not used for a certain period of time. Tap Auto-Lock and choose from 1 to 10 minutes.

That’s it, OneDrive is now super secure on your phone. It is safe to let others use your phone, like a partner or child, and they cannot access your OneDrive files. Even if they could, they would still be locked out of Personal Vault.

Leave a Reply