密码

您可以在这里定义创建密码的参数并配置密码设置。

MDM密码在管理员设置的最大密码有效期后失效。密码过期后,强制用户修改密码。用户需要使用已过期的密码解锁才能修改设备,同时设备的其他功能受到限制。在密码到期前的最后几天,用户将被提醒修改密码。

只有Android OS 5.0及之后版本的设备才可以配置为 配置文件所有者设备所有者

功能 描述 三星 非三星
核心安卓 配置文件所有者 设备所有者
应用密码于
(适用于7.0及以上版本的设备)

指定密码是应用于整个设备还是仅应用于工作配置文件容器(作为配置文件所有者设备时创建),或者两者都应用。当应用于工作配置文件容器时,密码将应用于通过MDM分发并安装在容器上的被管应用程序。

配置

密码要求:户在设备上配置密码时,可以选择需要满足的条件。

默认密码:可输入需要在设备上强制执行的通用密码。用户无法修改设置的密码。

删除密码:: In the case of digital signage, organizations must set up the device without a passcode. Using this option, any existing passcode on the device can be removed and users can be prevented from manually configuring a passcode on these devices.
Note: Password set by the user can not be removed from Samsung devices running Android 9.0 or above, enrolled via invite method

Minimum passcode requirement (Applicable when Passcode Requirements is selected)

You can define the minimum passcode type required or allowed to create a passcode. The increasing order of security in the passcode type is Simple value->Numbers->Alphabet->Alphanumeric->Complex Value. On choosing a minimum required passcode type for example, as 'Numbers', then the passcode that is set on the device can contain numbers, alphabets, alphanumeric characters or complex values.

'Simple Value (Pattern)' enables you to set patterns, pin or passwords for the device.

On choosing 'Numbers', you can set either a pin or password for the device. The password can contain numbers, alphabets, alphanumeric or complex values.

'Alphabet' allows you to set only passwords for the device. The password can contain alphabets, alphanumeric or complex values.

Alphanumeric' passcode allows you to set a password that contains both numbers and alphabets. Special characters can also be included.

'Complex Value' type of passcode enables you to set a password that contains alphabets, numbers and at least one special character.

Minimum passcode length
(Cannot be configured only if Minimum passcode requirement is pattern or numbers)

You can define a minimum length for the passcode here.

Maximum number of failed attempts (Applicable when Passcode Requirements is selected)

Maximum number of failed attempts allowed can be specified. When the number of attempts exceeds, the device will be reset, completely wiping all the data in the device.

Maximum idle time allowed before auto-lock (Applicable when Passcode Requirements is selected)

Maximum allowed idle time before the device auto-locks itself. The user can select a value less than the one specified by the admin. For example: If the admin selects 2 mins, the user can set the idle time less than 2 mins.

Number of passcodes to be maintained in the history (Supported from Android 4.0 and applicable when Passcode Requirements is selected)

Total number of previous passcodes to be maintained, so that it cannot be reused.

Maximum passcode age (Supported from Android 4.0 and applicable when Passcode Requirements is selected)

User will be notified to reset the Passcode based on the days specified here

Force passcode policy after (Applicable when Passcode Requirements is selected) Specify the time after which the device user needs to set a passcode on the device complying with the passcode policy configured in MDM. In Samsung devices, users are prompted immediately to set a passcode irrespective of the time set here in the case there is no passcode set on the device. If a passcode is set but doesn't comply with the policy, then the user is prompted based on the policy settings. Applicable for devices running 7.0 or later versions Applicable for devices running 6.0 or later versions
Smart Lock (Applicable when Passcode Requirements is selected) Allow or restrict users from setting up Smart Lock on their devices, with which they can bypass the password prompt on the lock screen by configuring trust agents such as On-Body detection, Trusted places/devices/voice. Applicable for devices running 5.0 or later versions
Temporary Passcode (Applicable when Passcode Requirements is selected) A temporary passcode can be set on the device to protect the device from unauthorized access when a new corporate device is handed to the users. Admins can configure a passcode that will be set on the device until the device is unlocked. Once the device is unlocked, the user will be prompted to set a new passcode on the device based on the requirements configured. If a passcode already exists on the device, the temporary passcode will not be applied.
Unlock device using fingerprint (Samsung-only feature - Supported from Android 5.0)

If this is allowed on a device, the user will be able to use fingerprint to unlock the device.

The backup password set during fingerprint registration on a device should be a simple value, number, alphabet, alphanumeric or complex according to what you choose as the Minimum Passcode Requirement.

Maximum repetition of characters
(Can be configured only if Minimum passcode requirement is 'Complex Value') (Samsung-only feature - Supported from 4.0)

Specify how many times, can a number or an alphabet be repeated in the password (Example: If you say 2 times, you cannot use the same alphabet or number more than twice in the password).

Maximum numeric Sequence
(Can be configured only if Minimum passcode requirement is 'Complex Value') (Samsung-only feature - Supported from 4.0)

Specify how many sequential numbers can be used in the password (Example: If you say 3, you can use up to 3 sequential numbers like 123, 456, etc..).

Minimum uppercase length
(Can be configured only if Minimum passcode requirement is 'Complex Value') (Supported from Android 4.0)

You can define the minimum number of upper case letters required to create a passcode

Minimum lowercase letter length
(Can be configured only if Minimum passcode requirement is 'Complex Value') (Supported from Android 4.0)

You can define the minimum number of lower case letters required to create a passcode

Minimum letter length
(Can be configured only if Minimum passcode requirement is 'Complex Value') (Supported from Android 4.0)

You can define the minimum number of letters required to create a passcode

Minimum non-alphabetic characters
(Can be configured only if Minimum passcode requirement is 'Complex Value') (Supported from Android 4.0)

You can define the minimum number of Non-Alphabetic Characters
required to create a passcode

Minimum numeric length
(Can be configured only if Minimum passcode requirement is 'Complex Value') (Supported from Android 4.0)

You can define the minimum number of numeric values required to create a passcode

Minimum symbol length
(Can be configured only if Minimum passcode requirement is 'Complex Value') (Supported from Android 4.0)

You can define the minimum number of symbols required to create a passcode

BIOMETRIC PASSCODES

Use Fingerprint as passcode

Allow/Restrict usage of fingerprints as device passcode

Use iris scanning as passcode

Allow/Restrict usage of iris scanning as device passcode

Use face scanning as passcode

Allow/Restrict usage of face scanning as device passcode

  • After distributing this policy, the passcode must be set by the user on the device. Only after this will the device details view under Inventory be updated.
  • If the user doesn't configure the passcode before the duration specified in Profile Settings, then all the apps except ME MDM app, Launcher and Settings get disabled as explained here.
  • If the device already has a passcode set on the device and it complies with the passcode policy configured in MDM, the device user will not be prompted to create a new passcode, in accordance with the MDM passcode policy.
  • If the passcode policy isn't applied on the device, verify other policies are controlling the passcode configuration. For example, you may have configured a passcode policy using Exchange. Further, verify if there any other device administrators on the device, which might be controlling the passcode policy. You can view the list of device administrators by navigating to Settings -> Security -> Other Security Settings -> Device Administrators.
  • In the case of Samsung, if the device does not factory reset automatically when the user has exceeded the maximum number of passcode attempts, it might be due to:
    • a factory reset restriction applied on the device from MDM. Navigate to Device Mgmt->Profiles->Android->Restrictions->Security on the MDM server and ensure that Restore Factory Settings is set to Allow.
    • an API which restricts device factory reset. Although, MDM initiates a factory reset, it fails as the API restriction set by a device administrator, cannot be overridden by another device administrator (MDM).

 

另请参阅:  将配置文件关联到组将配置文件关联到设备应用管理将应用分发到设备将应用分发到组
版权所有 © 2021, 卓豪(中国)技术有限公司。保留一切权利。
ManageEngine卓豪 - IT管理 新体验