Should you encrypt your Galaxy S8's SD card?
We've written what you need to know about the Galaxy S8's SD card and how you can move some Android apps from the internal memory to it, and a common question that pops up (as it does when we talk about any phone's SD card) is whether or not to encrypt it.
It's a legit question. There are both pros and cons to encrypting the card, and it's hard to get a clear picture when information is spread across many different places. We can try to remedy that and have a clear and concise discussion about SD card encryption sp you can make up your mind after you know a little more. If you've waded through the technical words and terms that experts use and just want a plain answer, this is for you!
Looking for a good microSD card for your Galaxy S8? Check out our guide!
Security is not convenient
The only real reason to encrypt your SD card in any phone is so that the only way to see what's on it is to unlock the screen. It doesn't matter what you have on the card or what anyone else thinks; if you want to make sure nobody can look at what's on the card if you lose your phone or it gets stolen you have to encrypt it. Some programs store their data on the SD card with encryption enabled, but encrypting the entire card is the only way to protect everything in one shot.
Think about that for a second — the only way to see what's there is to decrypt it and that can only happen when you have your phone powered on and unlocked. Guarding your photos or anything else you've saved on the card by encrypting it is a pretty easy thing to understand and see the benefit. But the reasons why you might not want to do it are pretty compelling, too.
- You can't see anything on the card unless it's inside the phone that encrypted it and the phone is unlocked. That means you can't take it out and use it in anything else unless you erase everything and reformat it. if you stick it into your PC to copy music or a big video to the card, it won't work; your computer will tell you it needs to be formatted. The same goes for another Android phone, even another Samsung brand phone. Which brings us to the next reason ...
- If your phone dies, all the data on the SD card dies along with it. If something happens to your phone and you can't get it back to a usable state so you can decrypt the card, the data is gone forever. It's really cool that SD card encryption can keep some creep who stole your phone from seeing all your pictures. It's less cool when you break your phone or it has a hardware fault and you can't see all your pictures. Or copy them somewhere.
This is because Google (Samsung uses the code from Google for encryption) follows old-school hardcore nerd thinking when it comes to encryption. Namely, that if you're going to bother encrypting something, you do everything possible to sandbox the data from the outside world unless it's decrypted. Microsoft, for example, lets you encrypt a volume (a partition or storage drive) and decrypt it in another machine if you have the right passphrase. They have lightened up a little bit because they understand people don't want to lose everything if there's a problem and that most of us don't bother making backups of anything unless it's automatic. Google assumes you understand the situation and will make regular backups in case something fails because locking the encrypted volume to specific hardware is more secure.
Neither is right and neither is wrong, they are just very different ways of approaching security. In a perfect world, both companies would have a setting so you could do it either way, but that's a lot of work and the world isn't perfect. What's important is that you understand that Google won't let you use another phone to get what's on the card if it's encrypted. Important enough to use ugly bold letters, even.
So, should I?
Nope. This is a classic case of "if you have to ask, then no" and we're not even trying to be arrogant. Not even a little bit.
If you are asking yourself that question, you weren't told you had to encrypt the card by your boss or IT manager, or that you don't have anything on the card that you know you need to protect with encryption. These are really the only time it's worth bothering to encrypt the card. This is why it's optional in the first place. Having a secure lock screen keeps anyone from seeing what's on your card when it's inside the phone. Encryption makes sure that applies when it's out of the phone, too.
If you have random pictures of the cat or your friends and family being silly, some music you like and a picture or two you downloaded from Facebook, ask yourself if it's worth the hassle. There are even apps you can use (opens in new tab) to encrypt some of the folders without encrypting the whole card. If you have a Galaxy S8, one's built into your phone in the Secure Folder feature you'll find in the settings.
We're also not trying to discourage you here. We like to think that when it comes to our privacy and our data, encryption makes everything better. But not everyone here at Mobile Nations has a Galaxy S8 with an encrypted SD card because the risk of losing it if the phone breaks (or gets stolen or gets lost, etc.) is not worth it. The stuff on the card is too important to lose, and not important enough to encrypt.
There are a lot of things that need an additional layer of security and your things may be some of them. If you keep those kinds of pictures or have files you wouldn't want anyone to see without your permission, you might want to add the extra lock that encryption offers. Nobody can say you shouldn't want to keep your stuff "safe." Just know how it works and be diligent with the backups.
Get the Android Central Newsletter
Instant access to breaking news, the hottest reviews, great deals and helpful tips.
Jerry is an amateur woodworker and struggling shade tree mechanic. There's nothing he can't take apart, but many things he can't reassemble. You'll find him writing and speaking his loud opinion on Android Central and occasionally on Twitter.
Now I use Nine email client which allows me to encrypt the app itself rather than the entire system so no need to encrypt my card.