Practical implementations of quantum key distribution (QKD) have been shown to be subject to various detector side-channel attacks that compromise the promised unconditional security. Most notable is a general class of attacks adopting the use of faked-state photons as in the detector-control and, more broadly, the intercept-resend attacks. In this paper, we present a simple scheme to overcome such class of attacks: A legitimate user, Bob, uses a polarization randomizer at his gateway to distort an ancillary polarization of a phase-encoded photon in a bidirectional QKD configuration. Passing through the randomizer once on the way to his partner, Alice, and again in the opposite direction, the polarization qubit of the genuine photon is immune to randomization. However, the polarization state of a photon from an intruder, Eve, to Bob is randomized and hence directed to a detector in a different path, whereupon it triggers an alert. We demonstrate theoretically and experimentally that, using commercial off-the-shelf detectors, it can be made impossible for Eve to avoid triggering the alert, no matter what faked-state of light she uses.For instance, the imperfect preparation of the single-photon state may lead to leaking information about the key. This gap between theory and real-life practice allows for a plethora of source-side attacks ranging from the photonnumber-splitting (PNS) attack [10,11], the phase-remapping attack [12,13], the wavelength-selected photon-numbersplitting attack [14], and the pattern-effect attack [15], to the nonrandom-phase attacks based on unambiguous-statediscrimination [16], and laser seed control [17,18,19].