How to turn on and off unknown sources on Xiaomi: the complete guide

Owners of Xiaomi, Redmi and POCO smartphones often face a situation where the system blocks the installation of an application downloaded from the Internet. The screen form of security MIUI or HyperOS reports potential risk and requires permission. It is a mechanism for protecting against malicious code, but for advanced users it becomes an obstacle. Understanding how to manage this feature is necessary for anyone who wants to expand the functionality of their device.

The "unknown sources to turn off Xiaomi" question is relevant not only for those who want to ban software installation, but also for those who are trying to find a switch in new versions of firmware. The settings interface is constantly changing, and what worked a year ago may look different today. In this article, we will analyze the algorithms for all versions of the shell, from old MIUI 11 to the current HyperOS, and explain exactly where the switches are hiding.

Data security in the Android ecosystem is based on the principle of application isolation. The default system does not trust files received outside the official Google Play store. APK-If you have a file through your browser or you get it through Bluetooth, Android labels the source as unverified. When you allow the installation, you take responsibility for the integrity of the system, so it's important to know how to roll back that action quickly.

What are unknown sources in the Android system

The term "Unknown Sources" is often misunderstood. Many users think it's a global switch for the whole phone. In fact, in modern versions of Android, access control has become more granular. Now permission is given not to the phone as a whole, but to a particular installer application. If you downloaded a file through Chrome, then permission should be given to the Chrome browser.

This feature was introduced to minimize the risk of infection. Malware is often disguised as useful utilities or modified versions of games. System control prevents them from being quietly installed in the background. If an application tries to install other software without the user's knowledge, the security mechanism blocks this process. It is a critical barrier that should not be turned off thoughtlessly.

In Xiaomi devices, this mechanism is supplemented by its own layers of protection. MIUI Even if you've given permission to install, a virus scanner can block the launch. APK-If the signature is found in the threat database, the user can ignore the warning, but the system will insist on removing the suspicious object, which creates a double layer of verification that is sometimes annoying, but keeps the data intact.

⚠️ Warning: Never enable installation from unknown sources for applications you don’t trust 100%. granting such rights to instant messengers or games from questionable sources can lead to theft of passwords from banking applications.

There are two types of sources: system and third-party. System are file managers and browsers. Third-party are any other program that tries to initiate installation. In older versions of Android, there was a single switch in the settings that allowed everything at once. This approach is now considered a vulnerability, so MIUI 12, 13, 14 and later uses the principle of individual tolerance for each application.

Where to find installation settings in MIUI and HyperOS

Finding the right menu can take time, as Xiaomi likes to hide important features deep in the settings structure. The path to managing unknown sources depends on the shell version. In most cases, you will need to go to Settings, then select Apps and find Settings (usually in the upper right corner or at the bottom of the list), which is where the Special Opportunities menu or Other Settings are located, where the desired switch is located.

The new versions of HyperOS have changed a little bit, and now it's more likely to redirect the user directly when you try to install it. APK-When you get a file and you get an error, you often have a Settings or Allow button in the error window, and clicking on it automatically takes you to the right subpunk of the security menu for the specific source application, which simplifies the process by making it contextual.

For those who prefer the classic menu path, the algorithm looks like this:

  • πŸ“± Open the settings of your Xiaomi smartphone.
  • πŸ” In the search bar, enter "unknown" or "installation".
  • βš™οΈ Select "Install Unknown Applications" or "External Sources".
  • πŸ“‚ Find the application through which you will install the program (for example, Mi Browser or Explorer) in the list).

Sometimes users confuse this menu with the developer mode. USB And installation from unknown sources is different, and the developer mode is for connecting to the computer and deep debugging, and unknown sources are for manual editing. APK-Do not turn on the developer mode if you do not understand why you need it, as this opens up additional ports for potential attacks.

πŸ’‘

Use the search by settings: enter the word β€œsources” in the search bar of the main settings menu to instantly get to the desired section, bypassing long transitions on the menu.

Instructions: How to enable the installation of applications

The process of enabling the feature is simple, but requires care. First you need to download the APK installation file itself. When you first try to run it, the system will give a warning. This window will have a Settings button (or gear) and click on it, you will be taken to the permissions menu for the specific application you use to run the file (for example, Google Chrome or file manager).

In the menu that opens, you'll see the Allow Installation switch from that source. It needs to be activated. Then go back and press "Install." The system can again alert you to the risks by showing a countdown timer or requiring a password confirmation. It's a standard MIUI security procedure that can't be bypassed, but can wait.

β˜‘οΈ Algorithm for setting up the installation

Done: 0 / 5

If you use a third-party file manager, such as Total Commander or FX File Explorer, the procedure will need to be repeated for each of them. The permission issued for the embedded Files Explorer does not apply to third-party managers. This is done so that a malicious script that gets into one program cannot use another for its installation.

In some cases, especially on global firmware versions, input may be required. PIN-This is a screen unlock code or a password from a Mi Account, which is protection against accidental changes by a child or an unauthorized person, and make sure you remember the access code, or you won't be able to turn on the feature. After successfully installing the first application, the permission usually remains active for that source until you manually disable it.

How to turn off unknown sources on Xiaomi

The question of "unknown sources how to turn off Xiaomi" arises when a user wants to improve security after installing the right software or when the phone begins to behave suspiciously. There is no global "Switch off all" button in modern interfaces, since permissions are issued individually. You need to follow the same path as when you turn on, and deactivate the switches for specific applications.

The most efficient way is to search in settings. Type "unknown" into the settings search box. The system will list all the applications that have ever been given permission to install an APK. Go through the list and turn off the switches for all the programs that you don't use all the time for these purposes. Browsers and instant messengers usually don't need this permission.

There is also a radical method through application resetting, but it is not recommended unless absolutely necessary, as it will reset the settings of all programs. It is better to act point-by-point. If you see an application on the list that you do not recognize, or that should not have the right to install (for example, a calculator or voice recorder), immediately disable it. This can be a sign of the presence of a hidden malicious module.

⚠️ Warning: If you can't find the app on the list or it doesn't turn off (the switch goes back to "on" position), this is a sure sign of a virus. In this case, you should check the phone with antivirus or perform a full reset to factory settings.

Once you've shut down all the extra sources, the system will return to a maximum protection state. APK-The file in the future will require your explicit consent and going through the settings menu again.

Installation problems and gray buttons

Often, users are faced with a situation where the Install button is inactive (gray) or disappears after a few seconds. This is the work of MIUI Protect or Google Play Protect. The system scans the installation file and, if it finds signs of risk (even false), blocks the action. In some cases, the Install button becomes available only after a countdown of 10 seconds.

Another common problem is the β€œclean” Android on Xiaomi’s global versions. In such firmware (Global ROM), access to the installation from unknown sources may be limited by Google policies. If you try to install a modified application, the system may simply prevent it from being installed, claiming that the source is unreliable, in which case the temporary disabling of Play Protect in the settings of the Google Play store helps, although this reduces the overall security.

The table below will help you quickly identify the problem and find a solution:

Symptom of the problemProbable causeDecision-making
The "Install" button is greyThe work of MIUI antivirusPress "Even Install" in 10 seconds.
No tumbler in the settingsRestrictions of Google PlayTurn off Play Protect temporarily
File damaged errorIncomplete APK bootDownload a file from another source
Requesting Mi Account PasswordSecurity policyEnter a password from your Xiaomi account

If none of these methods work, it may be that the APK file is incompatible with your smartphone's Android version. For example, you're trying to install an app that requires Android 12 on an Android 10 phone. Read the requirements carefully on the developer's website. It's also worth checking the CPU architecture (ARM64 or ARMv7), although modern Xiaomi phones typically use generic builds.

What if the installation is blocked constantly?
If the system blocks installation even after all permissions, try renaming the APK file by adding.1 at the end (e.g. app.apk.1), installing it through the file manager, and then renaming it back inside the Android folder.

Security: Is it worth the risk?

Enabling an installation from unknown sources is always a balance between convenience and security, and on the one hand, it gives you access to a vast world of alternative software, regional versions of apps and tools removed from Google Play. On the other hand, it opens the door to Trojans, miners and spyware, and statistics show that more than 60 percent of mobile viruses enter the system through the use of a mobile virus. APK-files downloaded from unverified sources.

Trust chain is a key concept here, and if you download an app from a developer's official website (like Telegram or Yandex), the risk is minimal. If you download a hacked version of a paid game from a forum, the risk becomes critical, and in the latter case, you don't just get free software, you often pay with your data, access to your camera and microphone.

To minimize the risks, follow the following simple rules:

  • πŸ›‘οΈ Include unknown sources only at the time of installation.
  • πŸ”„ Immediately after installation, return the settings to the original state.
  • πŸ” Check your downloaded files through online services like VirusTotal.
  • 🚫 Don’t give permission to install flashlight apps or simple games.

Remember that even if an application seems harmless, it may ask for excessive permissions. When installing, read carefully what the program requires access to. If a simple calculator asks for access to contacts and SMS, it is a red flag. In such cases, it is better to refuse installation, even if the source seems familiar.

πŸ“Š How often do you install apps outside of Google Play?
Every day.
Once a week.
Once a month
Never, just Play Market.

πŸ’‘

The basic principle of security is minimal privileges, so let's only install the app that's currently running the APK, and take that right away when the process is complete.

Frequently Asked Questions (FAQ)

Can I turn off unknown sources for all applications with a single button?
The current versions of MIUI and HyperOS don't have that feature. Google has changed Android's security policy to make permissions individual for each application. You'll have to go through the list and turn off the switches manually for each browser and explorer.
Why did the settings of unknown sources reset after updating the firmware?
This is normal security behavior, and when you update Android or MIUI, all permissions associated with installing apps are automatically voided, and this is protection in case a vulnerability is found in the new version of the system that allowed you to bypass these settings.
Is it dangerous to keep unknown sources for the file manager on all the time?
Yes, it's risky. If a malicious script is found in a file manager or downloaded archive, it can automatically initiate the installation of other malware without your knowledge, and it's better to enable this feature only when necessary.
How to remove an application that is not removed and blocks the exit from settings?
Try to start your phone in Safe Mode (clamping the off button on the lock screen). In Safe Mode, third-party apps don't start, and you can delete the malicious file through the application settings. If it doesn't, only a full reset.
Does the inclusion of unknown sources affect the phone’s warranty?
In itself, the inclusion of this setting is not a reason for refusing a warranty. However, if a phone installed from an unknown source of the program fails (for example, the software part or data will be damaged), the service center may refuse free repairs, citing the user's actions.