How to Lock Down Your Devices Before Lending Them to Someone

Handing someone your phone or laptop can feel harmless, like passing over a pen for a quick signature. But your device isn’t a pen. It’s a pocket diary, a wallet, a keyring, and a photo album, all rolled into one.

The tricky part is that most people you lend to aren’t “hackers”. They’re curious, rushed, or clumsy. A tap in the wrong place can expose private messages, auto-fill a password, or buy something you didn’t mean to buy. And in January 2026, personal data is even more valuable to scammers, because a few details can be stitched into convincing AI-powered fraud.

Think in “borrower scenarios”, not settings menus

Before you change anything, picture the moment you’re lending the device. Are you letting a friend make a quick call? A colleague present slides? A child play a game in the back seat? Each scenario has its own risks.

Here’s what usually goes wrong:

• Lock-screen leaks: notifications pop up with one-time codes, banking alerts, calendar details, or message previews.
• Auto-saved access: your browser, email, cloud storage, and password manager may already be signed in.
• Accidental spending: contactless payments, app-store purchases, and “one-tap” buying can trigger by mistake.
• Curiosity clicks: people open Photos, Files, or Messages without thinking. It’s human.
• Targeted scams: if someone sees enough personal info (name, email, workplace, addresses), it can feed a later scam. Modern fraud often relies on believable detail, not technical skill.

If you want a practical, phone-first view of this problem, WIRED has a solid guide on how to safely lend someone your phone, including common “oops” moments that catch people out.

The goal isn’t to treat the borrower like a criminal. It’s to reduce exposure so you can lend the device without that uneasy feeling in your stomach.

Lock down a phone fast (iPhone and Android)

Phones are the hardest to lend safely because they’re built for quick access. The good news is you can lock things down in minutes if you focus on the big wins.

Do the “two-minute privacy sweep” first

Update your phone if there’s a pending security update. Unpatched software is still one of the easiest ways in.

Then:

• Close sensitive apps: banking, email, password managers, messaging, notes, photo vaults.
• Check what’s on your lock screen: hide message previews and sensitive notification content.
• Turn on auto-lock: set it to a short time (around 30 to 60 seconds). If the phone leaves your hand, it should lock itself quickly.

Use a single-app mode when possible

If the person only needs one app (a call, a video, a document), don’t hand over your whole phone.

• On iPhone, use Apple’s built-in “Guided Access” (in Accessibility) to keep the device in one app and limit taps in certain areas.
• On Android, use “Screen pinning” or “App pinning” (wording varies by brand) to lock the phone to one app until you enter your PIN.

This is the closest thing to giving someone a “visitor pass” instead of your house keys.

Strip out the tempting stuff

A few small toggles reduce risk a lot:

• Wallet and payments: consider removing quick access while you lend, especially if you’re lending for more than a moment.
• Saved passwords: if your browser auto-fills, sign out or disable auto-fill temporarily.
• Photos access: if you’re showing pictures, use an album you’ve chosen, not the whole camera roll.
• Location sharing: switch off location services if it’s not needed. It stops accidental check-ins and reduces what apps can pull.

If you’re lending the phone for longer, the safest option is to use a guest profile (where available on Android) or temporarily remove sensitive accounts. The aim is simple: they can use what they need, and nothing else.

Lend a laptop without lending your entire account

Laptops feel safer because they’re “work tools”. In reality, they often hold more: tax files, scanned passports, medical PDFs, password managers, and browser sessions that never logged out.

The safest move is boring, and it works: never lend your main user account.

Create a separate user that can’t change much

Before you hand over a Windows PC or Mac:

• Create a new standard user (not an admin).
• Log into that account and check it has access only to what’s needed.
• Turn on a strong password for your main account and make sure it’s not shared.

On Chromebooks, Guest Mode is often the cleanest approach because it doesn’t keep local browsing data after sign-out.

The UK’s National Cyber Security Centre has detailed, organisation-friendly advice in its device security guidance. Even if you’re not a business, the principles still fit home use: protect accounts, limit access, and keep devices updated.

Encrypt and lock: your “stolen device” plan

Lending can turn into losing. Devices get left in taxis, pubs, and meeting rooms.

Make sure encryption is on:

• Windows: BitLocker (where available)
• Mac: FileVault

Encryption means that if someone boots from a USB stick or removes the drive, your data stays scrambled without your login.

For practical basics across phones and laptops, this checklist on securing laptops, phones, and other devices is a good reminder of the fundamentals: lock screens, backups, and physical safety.

Don’t forget the browser

Browsers are where most people “live”, and they’re full of saved sessions.

Before lending:

• Use a separate browser profile or a different browser entirely.
• Sign out of email and cloud drives.
• Remove saved cards from the browser if they’re stored.
• Check extensions. A helpful extension for you might be a privacy nightmare if someone starts clicking around.

If the laptop contains client or customer data, treat the loan as a security event, not a favour. The FCA’s guidance on data security responsibilities is written for firms, but the lesson applies widely: restrict access, log out, and protect sensitive data like it actually matters, because it does.

After you get it back: a quick “tamper check” that takes 10 minutes

Most people stop at “thanks, got it back”. That’s when small problems linger. A borrowed device can return with a new Bluetooth pairing, a logged-in web session, or a downloaded file you didn’t ask for.

Run this short checklist:

Check what changed

• Look for new apps (phones) or new programmes (laptops).
• Check downloads and recent files.
• Review browser history and new extensions.
• Check paired devices (Bluetooth headphones, cars, watches). Remove anything you don’t recognise.

Review account access

If the borrower used your device while you were signed in, assume some tokens could still be active.

• Review “recent sign-ins” where your main accounts allow it.
• Sign out of other sessions for email, social apps, and cloud storage.
• If anything feels off, change the password and turn on 2-step verification.

Clean up and reset your protections

Turn back on anything you disabled for convenience:

• Find My iPhone / Find My Device
• Location services (if you normally use them)
• Auto-lock timing and lock-screen notifications (set to your preference)

If the device was out of your sight for a long time, or if you lent it to someone you don’t know well, consider the stronger option: back up and factory reset. It’s not always necessary, but it’s the cleanest way to return to a known-good state.

Conclusion

Lending a device shouldn’t mean lending your inbox, your bank, and your entire photo history. A few habits make the difference: use single-app or guest modes, keep your main account private, and lock down notifications and saved logins.

Treat your device like a home with rooms you don’t want visitors entering. You can still be generous, just be selective about what you hand over.