How to disable installation from unknown sources on Xiaomi

Modern Xiaomi smartphones, powered by MIUI shells or the new HyperOS, offer users a huge amount of freedom, including the ability to install apps not only from the official Google Play Store.This feature, known as Install from Unknown Sources, is often necessary to use alternative app directories or specific software, but it also opens the door to potential security threats.

Owners of devices often wonder how to completely secure the gadget, closing access to the installation of untested devices. APK-Unlike older versions of Android, where there was one global switch for the entire system, modern versions of the Android operating system have moved to a permission model for each individual application. This means you can’t just turn off the switchboard “forever” for the phone as a whole, but you can and should revoke the rights of specific installer programs, such as browsers or file managers.

In this detailed guide, we’ll break down an algorithm that will allow you to disable installation for all suspicious apps on your smartphone.We’ll look at the differences in the menu of new and old firmware versions, explain why the system may prohibit certain actions, and provide tools to deep-check the security of your Xiaomi. Understanding these mechanisms is critical to preserving personal data and financial information.

Android security principles and risks of third-party APKs

Android is designed as an open platform, which is both a major advantage and a source of risk, and the mechanism of unknown sources was introduced to allow users to install software from alternative stores or directly from developer sites, but when this feature is activated for applications that you don’t trust 100%, the risk of getting malware or Trojans on the device increases many times over.

On Xiaomi devices, the situation is complicated by the presence of its own security system MIUI Security, which monitors the installation processes. However, if the user independently gives permission to the browser or messenger to install files, system protections can be bypassed.

⚠️ Note: Completely remove installation capability APK-You can't have a root-rights file without deep firmware modification, because it's a system function of Android. Your job is to make sure that no application has the right to run this process without your direct control.

Often users forget that once you install the right program, the permission remains active. If you download the game from the site, the browser is granted the right to install. Unless you take this right back, any file downloaded through this browser in the future can be automatically installed or proposed for installation without further questions.

📊 How you usually install applications?
Only Google Play.
APK-file
Third-party stores (RuStore, 4PDA)
I don't know how they're installed.

Step-by-step instructions for MIUI 12, 13, 14 and HyperOS

In current versions of Xiaomi shells, the permission management process is standardized, but the name of the items may differ slightly. To disable the installation, you do not need to look for one button in the settings, but you should go through the list of applications that have such a right. Start by opening the main menu of your device settings.

Go to Settings, then select Privacy Protection (some versions may simply call it Privacy) and in this section, look for Special Opportunities or Special Access Rights, which is where the key switches that control the behavior of the system are hidden.

☑️ Checking security settings

Done: 0 / 4

You need to find Install Unknown Apps. Once you log in, you'll see a list of all the programs that have ever requested or received the right to install files, usually including browsers (Chrome, Mi Browser), file managers, and instant messengers.

Check each app on the list. If the name is an active switch (blue or green), click on it to deactivate the resolution. The system can alert you to the risks — confirm the action. Repeat the procedure for all applications except those you are absolutely sure of (though it is better to remove the rights from everyone).

AnnexType of accessRecommended statusRisk of activation
Google ChromeAPK installationOff.High (downloading viruses from the network)
Mi Downloads.APK installationOff.Medium (automatic installation)
TelegramAPK installationOff.High (file transfer)
ConductorAPK installationOff.Medium (local files)

💡

The main idea: on new versions of Android there is no one button “Disable everything”, you need to manually prohibit installation for each application in the list “Special access rights”.

Customization for older versions of MIUI (10, 11 and older)

If you use an older Xiaomi device with a MIUI 10 or 11 shell, the security logic may be different. These versions often featured a single global switch that controlled the installation of applications from any source for the entire system, which made it easier to do, but made the device more vulnerable to accidental activation.

To find the settings, go to Settings and select Advanced Settings. In the list of options, look for Privacy. Here, at the bottom of the screen, there should be a Toggle Unknown Sources. If it's enabled, the system allows installation. APK-file-in-the-box.

When you try to disable this setting, the system may require you to enter a security password or a pattern lock if it is installed on the device, which is an additional security measure to prevent children from accidentally changing settings or when the screen is unlocked, and after you enter the code, the switch will turn gray, which means a complete ban.

What if there is no “unknown source” item?
In some custom MIUI builds or on Global ROM devices, this item may be hidden or moved. Try searching by settings by typing the phrase “sources” or check the “Security” section in the Services app (green zipper icon).

It’s worth noting that even on older versions of Android (starting with 8.0 Oreo), Google has implemented a phase-out of global resolution. So if you haven’t found a common switch, use the instructions for the newer versions described above, as the mechanism of individual permissions is a priority in modern security standards.

Management through the Security app

Xiaomi smartphones have a pre-installed system app Security, which duplicates many of the Android settings features but adds its own filters. It can block app installation even when the Android system settings have a formal permission, which creates confusion: the user thinks that the installation has been banned, and the phone writes “Installer Forbidden”.

Open the Security app (green zipper icon). At the top of the screen, look for the settings icon (cog) or go to Licenses and Notifications if the icon isn't on the home screen. You need a section related to app installation or real-time protection.

Find the setup for Installation Monitoring. If this function is active, the system will scan every single one of them. APK-In some cases, you can find the "Allow Installation from Unknown Sources" switch, which works as a master switch for Xiaomi's built-in antivirus.

  • 🛡️ Enable Installation Monitor: This won’t ban installation, but will check files for viruses before running.
  • 🚫 Turn off Developer Mode: Sometimes installation is blocked if the developer settings include the option “Check Apps via Play Protect».
  • 🔄 Update virus databases: In the Security app, click on the shield icon to update antivirus databases to the latest version.

It is important not to confuse Xiaomi’s system lock with Google Play Protect’s limitations. If Xiaomi Security allows installation and Google Play blocks, you need to go to the Play Store settings separately and disable Play Protect, although doing so is highly discouraged for the sake of security.

Specificity of work in the mode of the developer

For advanced users who use the developer mode to debug over USB or other technical tasks, it is important to know that there are also settings that affect the installation of applications. In particular, the option “Check applications through Play Protect” or “Debug over USB” can indirectly affect the installation process.

To get into this section, go to Settings → About Phone and quickly click 7-10 times on the line MIUI Version (or OS Version). After the message “You became a developer” appears, go back to the main settings menu and open Additional → For developers.

In this menu, find Debugging over USB. If it's on, the computer can access the phone's file system and initiate application installation. For maximum security in normal use, this item should be turned off.

⚠️ Note: Do not enable the “Installation through” option USB» It's a developer mode, if you don't know exactly why you want it, and it allows you to install apps from your computer without checking your phone's interface, which is a serious loophole for attackers with physical access to the device.

Also in developer mode, there may be a "Check Apps" option, which makes sure it's active, which will force the system to double-check every app you install through Google services, even if it's downloaded from a third-party source, which adds another layer of protection.

💡

Expert advice: After you have completed all the settings and installed the necessary applications, completely turn off Developer Mode at the top of the corresponding menu, this will close all technical access ports and prevent accidental changes in system parameters.

Solving the problem: why not turn off

Users often experience a situation where the switch in the settings is inactive (gray) or the system issues an error when trying to change the settings, which can be caused by several reasons, from administrator rights to the operation of corporate profiles.

The first common reason is that third-party apps have device administrator rights. Some antivirus, parental control programs, or enterprise clients (MDMs) can block changing security settings. Check the list of administrators in the Settings menu → Passwords and Security → Privacy → Device administrators.

If you see an unknown application that blocks changes, try revoking the permissions. If the "Delete" or "Deactivate" option is inactive, it may be that the application has deep system rights or is part of a system process that cannot be disabled without risking system disruption.

  • 👮 Parental Controls: If Family Link is set up on the phone, only the parent account can set restrictions.
  • 💼 Corporate Profile: Work applications may prohibit installation of software not from the corporate store.
  • 🐛 System Failure: Try clearing the Settings app cache through the Apps menu» → «All applications» → «Settings» → «Memory» → «Clean up».

In rare cases, the problem is that system files are damaged after a failed update. If standard methods don't work, you may need to reset to factory settings, but make sure to back up important data before you do.

💡

Important conclusion: If the switch is locked, look for an admin app or parental control—they dictate the security policy on the device.

Frequently Asked Questions (FAQ)

Can I completely remove the possibility of installing APK on Xiaomi?
You can’t completely cut this feature out of the system without flashing and modifying the system partition (which is difficult and dangerous), since it’s part of the Android kernel. However, by disabling permissions for all installer apps (browsers, explorers) in the Special Access Rights menu, you effectively block any installation option, since no program can run the installer.
Is it safe to turn on installation from unknown sources temporarily?
This is a risk if you download a file from a trusted source (the official developer site), and the rule is to turn on the permission for a specific application (e.g., Chrome only), go back to settings and turn off the permission back immediately after you install the file.
Why does Xiaomi say “Installation locked” even though I’ve let it go?
This works with MIUI Security, or Google Play Protect, built-in antivirus, which can block the installation of applications that are not digitally signed or are labeled as potentially dangerous, and to get around this (at your own risk), you need to turn off monitoring in the Security app and in Google Play settings.
Does disabling this feature affect the official applications?
No, absolutely not. Apps from Google Play, GetApps (Xiaomi store) and other official directories are installed through system services that do not require permission to Install from unknown sources. Your favorite social networks and games will work and update as usual.