Follow ZDNET: Add us as a favorite source On Google.
ZDNET Highlights
- Private DNS encrypts your web traffic to prevent ISP tracking.
- This improves both privacy and online security.
- It’s easy to turn on, but disabling it puts your data at risk.
Almost everything you do on your desktop, laptop, phone, and tablet starts with a Domain Name System (DNS) query. Essentially, DNS turns a domain name (like ZDNET.com) into an IP address so web browsers and apps know where to find the information they need.
Also: Best Android Phones to Buy in 2025
Without DNS, you would have to type 34.149.132.124 every time you go to ZDNET.com or 74.125.21.102 to go to Google.com. Even just by running a Google search, DNS is at work. The problem is that standard DNS is not encrypted, which means all your queries are sent over the network as plain text.
Why is non-encrypted DNS a problem?
Let’s say you’re on a public network – like a coffee shop – and you start searching for things on your Android device. Or maybe you need to access a CMS or another work tool, and you don’t want the public to know what you’re typing. If someone else is on the same network and has the skills, they can intercept your non-encrypted search query (or the URLs you visit) and know what you’re actually looking for.
Also: Your Android phone’s most powerful security feature is turned off and hidden by default – turn it on now
This is where Private DNS mode comes into play. Once you enable this feature, all your DNS queries are encrypted, so bad actors won’t be able to see them – even if they capture those packets. In other words, Private DNS mode should be a must-have for those who value their privacy and security.
But how do you enable private DNS mode on Android? It is really quite simple. Let me tell you how.
How to Enable Private DNS Mode (on Android version 11 or newer)
If you’re using Android version 11 or newer, the old method of private DNS will no longer work. Instead of handling this process manually, you need to install an application made by Cloudflare, called 1.1.1.1 + WarpOnce you’ve installed that app, it will open, and you’ll see a slider marked Disconnected, Tap that slider, and it will enable the service,
The Cloudflare WARP app makes it easy to enable private DNS on Android starting with version 11.
Jack Wallen/ZDNET
There is one caveat to using the app. If it’s disabled and you need to re-enable Private DNS, you won’t find the app in your app drawer. Instead, you need to search for it in the Google Play Store and tap Open from there. I think Cloudflare can fix this little glitch, but until they do, you’ll at least know how to access the app. On the other hand, if the app is running, you will see a notification entry, tapping on which will open the app.
How to Enable Private DNS Mode (on Android versions older than 11)
what you’ll need: An Android device running version 10 or older. I’m using a Pixel 9 Pro (which means I have to use the new method now), but almost every modern Android phone is able to enable private DNS.
Also: This silent Android feature scans your photos for ‘sensitive content’ – how to disable it
Open the Settings app (either from the notification shade or from the app drawer) and then tap Network & Internet. If you’re using a Samsung Galaxy device, you’ll go to Settings > More connection settings.
show more
The Network & Internet option should appear at the top of the Settings app.
Screenshot by Jack Wallen/ZDNET
You’ll find an entry for Private DNS at the bottom of the Network & Internet window. On Galaxy devices, it will be located in the middle of the More connections settings list. If you don’t find it, go back to the main Settings page and find Private DNS.
show more
The Private DNS entry is in the Network & Internet section of the Settings app.
Screenshot by Jack Wallen/ZDNET
This is where it can get a little tricky. You must have the address of the provider that provides private DNS. Cloudflare is my provider of choice, so their primary secure DNS address is:
show more
1dot1dot1dot1.cloudflare-dns.com
Some other possible hostnames you can use:
- Google DNS: dns.google
- Quad9: dns.quad9.net
- CleanBrowsing DNS: Security-filter-dns.cleanbrowsing.org
- OpenDNS: 208.67.222.222
- NextDNS: 45.90.28.0
- Comodo Secure DNS: 8.26.56.26
- OpenNIC: 192.95.54.3
Comment: Although all of the above free DNS services are worth trying, I recommend going with Cloudflare (1dot1dot1dot1.cloudflare-dns.com). I find it to be the fastest and safest of the group. On top of speed, Cloudflare adds DNS filtering, which can help prevent emails from being sent from malicious IP addresses.
Also: I’ve upgraded my Pixel 9 Pro to Android 16 — here’s what I love (and what’s still missing)
When you tap on Private DNS a new pop-up will appear. Tap Private DNS provider hostname, and then type the hostname for the DNS provider of your choice.
Adding a private DNS provider to Android.
Screenshot by Jack Wallen/ZDNET
You can also choose Automatic, which will automatically switch to Google’s private DNS when available. For those who don’t trust Google so readily for such a feature, I recommend selecting Private DNS and then typing the address of the provider of your choice. Tap Save to save the new settings and close the Settings app. You may find yourself in a location where Google’s private DNS servers are not available, so using a server like Cloudflare has benefits beyond speed.
Also: Changing these 12 settings on my Android phone extended its battery life by hours
You can then verify that it’s working by opening your default Android browser and pointing it to http://1.1.1.1/help. If you see “Using DNS over TLS (DoT)” set as “Yes”, it’s working.
And that’s all there is to it. Once you enable private DNS on Android, your DNS queries are encrypted. Enjoy that extra privacy and security.
