Android 16 is adding a subtle, yet important, layer of security aimed at protecting one of your most vulnerable pieces of information: one-time passwords (OTPs). Starting with the first Developer Preview, the new version of Android will automatically hide sensitive notification content from the lock screen — particularly when it includes two-factor authentication codes — but only under certain conditions.
This new behavior was first noticed earlier this month after Android 16 DP1 became available. While digging into the preview, it was discovered that some notifications no longer displayed full content on the lock screen, even when settings were configured to show sensitive information. Specifically, the Android System Intelligence service appears to detect OTP codes and withholds their contents by default, keeping them hidden unless certain security conditions are met.
Sensitive notification on lock screen of Android 15 QPR2 Beta 1 (left) vs Android 16 DP1 (right). | Image credit — Android Authority
Google has since confirmed this behavior, clarifying that the redaction will only trigger in what it calls “higher risk scenarios.” These include moments when the phone isn’t connected to Wi-Fi or hasn’t been unlocked recently — situations that might indicate the device is in unfamiliar hands.
While Android already lets users manage lock screen notification privacy manually through settings, this new system-level behavior adds an automatic layer that acts independently of those choices. In short, even if you’ve chosen to show everything on the lock screen, Android 16 might still hide certain messages when it senses a potential security risk.
This change builds on a similar approach introduced in Android 15, where Google began blocking third-party apps from reading notifications that include OTPs, even if those apps had notification access. Both features rely on Android System Intelligence to parse messages and detect the presence of sensitive content before deciding how it should be handled.
It’s still early in the Android 16 development cycle, and features in developer previews can sometimes be modified or removed before the final release. But now that Google has officially acknowledged this change, there’s a strong chance it will stick around for the stable version expected later this year.
If it does, Android users may finally get a smart balance between convenience and privacy — especially when it comes to keeping their login codes safe from prying eyes.
Johanna 'Jojo the Techie' is a skilled mobile technology expert with over 15 years of hands-on experience, specializing in the Google ecosystem and Pixel devices. Known for her user-friendly approach, she leverages her vast tech support background to provide accessible and insightful coverage on latest technology trends. As a recognized thought leader and former member of #TeamPixel, Johanna ensures she stays at the forefront of Google services and products, making her a reliable source for all things Pixel and ChromeOS.
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed: