Google is adding a new layer of protection to Android devices: if a phone remains locked for three consecutive days, it will automatically reboot. The feature is part of the latest update to Google Play Services, which rolled out this week across supported Android devices.
Listed under the “Security & Privacy” section of the update, the feature is designed to enhance user data protection during extended periods of device inactivity. While Google has not publicly elaborated on the specific reasons for the change, the security implications are clear: automatic rebooting resets the device to a more secure state known as “Before First Unlock,” where all sensitive data remains encrypted until a passcode is entered.
This approach mirrors a similar function introduced by Apple in 2024, reinforcing a growing trend among mobile operating systems to guard against unauthorized data extraction. The reboot mechanism aims to make it harder for unauthorized actors—including digital forensic tools used by law enforcement or others—to access user data by exploiting the phone’s “After First Unlock” state, where partial data decryption can occur.
When a smartphone is first powered on, much of its user data remains inaccessible until the correct PIN, password, or biometric input is provided. In contrast, once a phone has been unlocked even once after a reboot, a portion of that data becomes more vulnerable to various forms of digital forensics, such as brute force attacks or exploits targeting flaws in the system.
Tools from companies like Cellebrite and Magnet Forensics often operate in this post-unlock state, attempting to extract data while the device is more exposed. By forcing a reboot after a set period of inactivity, Android devices will now revert to their most secure, encrypted state by default.
The Android auto-reboot feature will apply system-wide via Google Play Services, meaning most recent Android phones should receive the update automatically without requiring a full operating system upgrade.
This move signals a broader shift in how major mobile platforms are handling long-term data security, especially in light of increasing interest from governments and third parties in accessing data stored on personal devices. While some users may not notice the change, those concerned with privacy and data integrity will likely welcome the added protection.
