What is F-Droid? Is it safe?

F-Droid is an Android app store that only hosts free and open-source software (FOSS). Most apps are built by independent developers, and the platform focuses on transparency and privacy. Anything that tracks you, shows ads, or is otherwise against FOSS principles gets flagged as such, so you know what you’re downloading.

Below, you’ll find an overview of F-Droid’s features, potential risks, and a look at its benefits and drawbacks. We’ve also included a quick setup guide, how to stay safe while using the platform, plus a list of F-Droid apps and alternatives you can check out afterward.

What is F-Droid? Overview and features

Ciaran Gultnieks started F-Droid in 2010 as an alternative to major stores that only promote closed-source apps filled with trackers, ads, and other user-hostile features. Users can install free and open-source software, while like-minded developers can share their work without giving control to large corporations like Google, Apple, or Amazon.

F-Droid is easy to navigate and doesn’t force you to sign in, so you can install and update apps without giving up your privacy. The open code also lets the community check for problems and even contribute improvements if they want.

screenshot of the F-Droid homepage

Transparency is also key on F-Droid. The platform checks apps for anything that could impact your experience, and highlights them with the aptly-named Anti-Features, including:

  • Ads: If the app isn’t ad-free
  • Known Vulnerabilities: If the app contains security issues that could be exploited
  • Non-Free Addons, Assets, or Dependencies: For apps that rely on proprietary plugins, media, or other software to function
  • No Source Since: If the app’s code is no longer publicly available
  • NSFW: For potentially inappropriate content
  • Tracking: If the app monitors or reports your activity, even if optional

Here’s what they look like, using Proton Authenticator as an example:

screenshot of F-Droid anti-features shown on the Proton Authenticator page

Best of all, F-Droid lets you hide apps with certain Anti-Features, so you don’t have to wade through ones that don’t interest you.

Is the F-Droid store safe?

F-Droid stands apart from many unofficial app stores because it only includes apps with public source code. That makes it safer than random APK sites where you might not really know what you’re installing.

Since most F-Droid apps are fully open-source, developers and users can read, test, and point out problems in the code. This community-based approach makes it easier to catch malware early, even without the infinite money Google throws towards app security.

Before an app appears in the main catalog, the maintainers review it and confirm it follows free software rules. They also label things like tracking, ads, closed-source components, and more, so you can decide for yourself which apps are trustworthy.

Common risks of F-Droid

Here are the most common risks you may be exposed to if you decide to use F-Droid:

  • Installation process: To install F-Droid, you must allow “unknown sources” on your device. Downloading the app directly from the official site is fine, but apps from other sources can put your device at risk.
  • Extra repositories: F-Droid lets you link additional repos to get more apps. Since these aren’t held to the same standards, some apps might be unsafe or improperly verified.
  • Potentially harmful updates: Even familiar apps can carry harmful code if a bad update slips through. Pay attention to new permissions and unusual app behavior just in case.

Is F-Droid safe for GrapheneOS?

F-Droid is generally safe for GrapheneOS if you stick to popular and recommended apps. Most of them are open-source, so the community can check apps for malicious code, which makes sneaking in malware harder than on closed app stores (like Google Play).

Some of the stronger warnings come from independent security research by a former F‑Droid team member. They showed that, in certain edge cases, F‑Droid’s server tools could misread who actually signed an app. F‑Droid has since released patches for some of the issues, but the GrapheneOS community felt the overall design still needs major changes.

Benefits of using F-Droid

F-Droid gives Android users an alternative way to find and install apps while keeping control over what’s on their device. It focuses on openness, transparency, and privacy, avoiding many of the restrictions and tracking found in mainstream app stores.

Here’s what makes it stand out:

  • Open-source app library: Every app in F-Droid is open-source, meaning anyone can inspect, audit, or modify the code. This helps users trust that apps aren’t secretly collecting data or otherwise being sketchy.
  • Privacy-focused store: F-Droid puts your privacy ahead of everything else. Apps generally avoid gathering data without a clear reason, and any tracking or ad-related features are clearly marked so you know what’s happening before you install.
  • Full app transparency: The store tells you upfront if an app has ads, tracking, or paid features. Most of them are free and don’t hide extra charges, but when an app isn’t fully open or ad-free, you’ll see them marked as having “Anti-Features.”
  • Account-free downloads: You can get apps directly without signing in or linking to external services. This removes unnecessary friction and keeps your identity separate from your app usage.
  • Apps unavailable on the Play Store: F-Droid hosts apps that Google doesn’t allow or hasn’t approved, including niche tools, developer utilities, and privacy-focused software.

Drawbacks of using F-Droid

F-Droid is built around privacy and open-source access, but it’s not perfect. Here are some of its drawbacks compared to Google Play or similar options:

  • Manual setup required: You need to adjust your Android settings to allow apps from outside the Play Store. This extra step can be confusing if you’re used to automatic installs and haven’t changed Android security settings before.
  • Fewer apps and no mainstream choices: F-Droid centers around free and open-source apps, so TikTok, Instagram, Spotify, and other favorites are unavailable. You also don’t get the same massive library Google has—though, to be fair, there are a lot of fake apps and other junk on the Play Store.
  • Some Android versions and apps require manual updates: You’ll need Android 12+ to enable automatic updates on F-Droid. Meanwhile, some apps built for older versions may not auto-update, so you’ll have to do so manually.
  • Third-party repos may be risky: Adding outside repositories can expand your app library, but their quality and security aren’t guaranteed.

How to use F-Droid: Step-by-step guide

Installing F-Droid apps on Android is easy, though you’ll have to change a couple of settings. Follow these steps:

  1. Head to your Android device’s Settings.
  2. In the search bar, type “install” or “unknown.”
  3. Tap Install unknown apps, Install from external sources, or just Unknown sources. This setting may be named differently depending on your model.
  4. Toggle on the setting for your browser.
  5. Go to f-droid.org.
  6. Tap Download F-Droid to get the F-Droid.APK file. If you get a 404 error (like I did), try scanning the QR code on the desktop site instead.
  7. Either way, open the file and tap Install.
  8. Once finished, tap Open and explore the store’s library.
  9. Press on any app you find interesting and press Install.
  10. You may receive a system prompt to allow installing unknown apps via F-Droid. Go to Settings and toggle on the permission to proceed.

How to install F-Droid on Samsung

The process is fairly straightforward on Samsung as well. Here’s what to do:

  1. Navigate to your device’s Settings.
  2. Look up “install” and tap Install unknown apps.
  3. You’ll have to tap it again when it redirects you to More security settings.
  4. Tap the toggle next to your browser to allow installation. series of screenshots showing how to allow installation of unknown apps on a Samsung phone
  5. Download the F-Droid APK file from f-droid.org, either by tapping the download button or scanning the QR code.
  6. Open the APK and tap Install in the prompt.
  7. Once it’s finished installing, tap Open and browse F-Droid’s selection of apps. screenshots showing how to download and install F-Droid on Samsung
  8. Tap any app you want, then Install.
  9. You’ll get a security prompt. Tap Settings and toggle on Allow permission to be able to install F-Droid apps. screenshots showing how to install unknown apps from F-Droid on Samsung

How to add a third-party repository on F-Droid

To get extra apps on F-Droid, you can add extra repos with these steps:

  1. See the list of third-party repositories on the F-Droid forum. Some popular examples include IzzyOnDroid and the Guardian Project.
  2. Tap and hold any of the options to copy the repo link.
  3. Open the F-Droid app, then go to Settings > Repositories. screenshots showing where to find the Repositories setting on F-Droid
  4. Tap the + button on the bottom right.
  5. Tap Enter repository URL manually, paste the link, then tap Add. screenshots showing how to add repositories on F-Droid
  6. Alternatively, press Scan QR code, go to the repo’s website, and scan the code there. Watch out for the loud beep (thanks for the jumpscare, F-Droid).
  7. Next, tap Add repository to see a list of apps on the repo. You can tap them and press Install. Some apps will offer a choice between installing from the F-Droid or third-party repo, but you’ll find a bunch of exclusives as well. screenshots showing how to add the IzzyOnDroid F-Droid repo, the list of apps found on the repo, and how to install them
  8. You can view the list of apps later by returning to Settings > Repositories, tapping on the repo, then Show apps. screenshots showing how to review added repos and their apps on F-Droid

What are some useful apps on F-Droid?

If you’re looking to “DeGoogle,” you’ll find a wide variety of apps that respect your privacy on F-Droid. Here are some options to check out:

Browsing and entertainment

Tired of Google tracking your every move, AI-generated ads on YouTube, or having to sift through endless recommendations? These apps help you browse, watch, and listen on your own terms, without unnecessary tracking or interruptions:

  • DuckDuckGo Privacy Browser: Open-source browser (except its search engine) that blocks trackers, keeps your searches private, forces encrypted HTTPS connections, and doesn’t link your activity to a Google account.
  • NewPipe: Watch YouTube without ads and avoid all the clutter. You can play videos in the background, download them for offline viewing, or even pop them out in a mini-player, all without logging in to Google. Also supports SoundCloud, Bandcamp, and others in the same app.
  • AntennaPod: Listen to podcasts without unnecessary tracking or interruptions. Subscribe, download, or stream your favorite shows on your schedule, with a simple interface that keeps everything organized.

Navigation and sync

Want to map your route, store files, or keep calendars synced without Google watching? These tools handle navigation and cloud storage so your information stays under your control:

  • OsmAnd: Get detailed offline maps and real-time navigation. Plan your routes, track your hikes, or explore new cities without sending your location to Google. Map data provided by OpenStreetMap.
  • Nextcloud: Open-source sync client, great for self-hosting files and photos across all your devices without some big tech company sneaking a peek. You can easily add extra integrations such as Calendars, Contacts, and more.

Email and two-factor authentication (2FA)

Keep your messages and accounts secure with strong encryption, multi-account support, and reliable 2FA, with apps like:

  • FairEmail: Read and manage multiple email accounts securely. Uses strong encryption, doesn’t track your messages, and gives you full control over notifications and storage.
  • K-9 Mail: Open-source client that lets you handle multiple emails and supports PGP encryption for added security.
  • Aegis Authenticator: Protect your accounts with this open-source authenticator app. Generate secure codes locally, back them up safely, and manage multiple accounts without relying on cloud services that could track you.

Termux – terminal emulator with Linux tools

Termux gives you a full Linux environment right on your phone or tablet. You can run command-line programs, write scripts, manage files, and even install packages just like on a desktop. It’s great for power users who want to tinker, automate tasks, or experiment without needing a separate computer.

Tips to use F-Droid safely

F-Droid is mostly safe, but you still need to follow some basic precautions. Knowing how to handle extra repos, app permissions, and updates can prevent headaches later on.

Be wary of third-party repositories

Adding extra repositories expands your app choices, but these sources aren’t always checked as carefully as F-Droid’s main repo. Stick to well-known options, check the F-Droid forums for community feedback, and avoid adding ones that seem sketchy to reduce the chance of installing unsafe apps.

Keep an eye on anti-features

F-Droid immediately warns you if an app has features you might not like. Always take a look at an app’s listed anti-features—whether it’s tracking, ads, NSFW content, or the inclusion of proprietary code—and you won’t be caught off-guard.

If you’re curious how common these flags are, F-Droid has a neat list of all apps with known anti-features you can check out.

We also recommend reviewing anti-features every now and then, as you never know when a trusted app suddenly changes ownership. Nothing like waking up one day and realizing your minimalist notes app has ads now.

Manage app permissions carefully

Review the permissions an app asks for and only allow what makes sense. Limiting access to location, contacts, or storage reduces the risk of apps collecting unnecessary data. Permissions can change with updates or if an app gets compromised, so pause for a second before agreeing to share your location with your podcast app.

Related:

Check app sources

Verify that you’re downloading apps from official F-Droid repositories or trusted developers. Avoid APKs from unknown sites, as they may contain malware or modified code. Even popular apps can be faked on unofficial sites.

Double-check the URL on official websites and GitHub pages, developer names, and cryptographic signatures when possible to ensure the app is authentic.

Update Android and F-Droid apps

Running the latest versions of Android and F-Droid reduces vulnerabilities. Updates often patch security issues and fix bugs that attackers could exploit. If you’re running Android 12+ go to F-Droid’s Settings and toggle on Automatically install updates. On older phones or with older apps you’ll need to check for updates manually once in a while.

Enable Play Protect

Even if you mostly use F-Droid, Play Protect can provide a safety net for any apps installed from other sources. It scans for malware and warns you if something looks suspicious. You can check if it’s enabled by going to your Android settings and typing in “Play Protect” in the search bar. When you tap on the option, it should have a green checkmark next to it.

What are some F-Droid alternatives?

There are several ways to get Android apps outside F-Droid, depending on whether you want mainstream apps, open-source software, or more control over your downloads:

  • APKMirror: Offers official APKs, including older versions and region-restricted releases, though it’s not focused on open-source software.
  • Aurora Store: Lets you download Play Store apps without a Google account, which is great for privacy.
  • GitHub: Many open-source developers host APKs here. You can download them directly, but you’ll need to confirm the source is legitimate yourself.
  • Aptoide: Decentralized stores created and managed by users. Naturally, this means app quality and safety can vary wildly, so be on the lookout for potential malware.
  • Amazon Appstore: Runs its own app catalog with common titles and some exclusives.

In the end, F-Droid is still your best bet if you want fully open-source apps and clear build transparency. Regardless, other platforms may have smaller or niche apps that you won’t find on F-Droid.

Is F-Droid going away?

F-Droid itself isn’t going away (yet), but changes to Android could make it much harder to use freely. That’s because Google plans to require developer ID verification if they want their apps to run on certified Android devices. This affects apps from any source, including F-Droid, direct downloads, or other app stores.

F-Droid, the Electronic Frontier Foundation (EFF), Proton, and dozens of software freedom advocates have argued that this centralizes control over who gets to publish apps, which goes against Android’s whole open platform model.

Basically, if every developer has to register with Google, third-party app stores will lose their independence. Meanwhile, small developers will have to deal with fees (yep, paid registration), ID checks, and ongoing terms they can’t negotiate.

Now, Google says that developers will still be free to share apps directly or through any store they choose. However, F-Droid’s open letter mentions that if unverified apps can’t run on most devices, “sideloading” is essentially over.

What is F-Droid? FAQs

Is F-Droid free?

F-Droid is completely free. There are no hidden fees or subscriptions, and you don’t even need to create an account. Most apps you’ll see are open-source, so you can download, install, and modify them without spending a cent. Any titles that include ads, tracking, or monetization are marked as having Anti-Features.

How does F-Droid make money?

F-Droid makes money through donations and community support. The project runs as a nonprofit effort, so it doesn’t rely on ads or paid placements inside the app. You can donate if you want to help cover hosting and development costs, but using the store costs you nothing.

Is F-Droid illegal?

F-Droid is legal in most countries because it distributes open-source apps with proper licenses. Still, local laws vary, so you’re responsible for how you use the apps once they’re on your device. Always check whether an app’s functionality goes against local regulations.

What is a repo?

A repo is short for repository, and on F-Droid, it’s basically a source of apps you can browse and install. The main F-Droid repo has most apps, but you can add others to get extra choices. Each repo is like its own little app library, though not all of them have the same safety standards as F-Droid.