Device Password Policy for Android Devices
A strong password protects the devices against unauthorized or unattended access and acts as a first line of defense in case of device theft. Scalefusion lets the administrators enforce the password policies remotely thereby making sure that the users are forced to apply a password.
In this document we will see how to create and apply a password policy for Android Devices.
Creating a Password Policy
- Sign In to Scalefusion Dashboard and navigate to Device Profiles & Policies > Passcode Policy. To enforce a password policy for Android devices, click on Android tab.
- To start configuring the password policy, enable Require Password
- Once the Require Password is enabled, you can configure the Password Type policy. The options available are,
- Select Password type: Choose between Numeric, Alphabetic, Alpha-numeric, Unspecified, Something, Weak Biometric password.
- Minimum Password length: Provide a minimum length of the password. Note that although 4 is an allowed option, on some devices the minimum accepted value is 6 and in these cases it will default to 6.
- Enforce Complex Password: Enable this option if you want to enforce a complex password. Simply enabling this enforces the user not to have an ascending or a descending order of numbers or characters like for ex: 1111 OR abcd1
- If the password type is selected as Alphanumeric and complex password is enforced, then additional complexity parameters can be specified as given below:
Minimum number of symbols
Enforces a minimum number of symbols in the password.
Minimum number of lower-case characters
Enforces a minimum number of lower case characters in the password.
Minimum number of alphabets
Enforces a minimum number of alphabets in the password.
Minimum number of upper-case characters
Enforces a minimum number of upper-case characters in the password.
Minimum number of digits
Enforces a minimum number of digits in the password.
- The next step is to configure Password Management settings. The options are,
- Password Expiry Period: Select how often the user is forced to change the password.
- Maximum Password History List: Select the number of historical passwords that the user cannot use while setting a new password.
- Maximum Failed Attempts to Factory Reset: Select after how many failed attempts the device should be factory reset.
- Set Idle Time for Auto lock: Choose an idle time after which the device should auto-lock.
- Click Save Policy to save the password policy.
Applying a Password Policy
- To enforce the password policy on the devices, click Apply to Device
- In the Apply Passcode Policy dialog box select Device Profiles or Devices to apply the password.
- Click SUBMIT.
- Once the password policy is applied, the devices will be shown a prompt to apply a password as per the new policy.
- For corporate devices, a dialog is displayed to the user until they set a compliant password.
- For personal devices, the work applications are disabled and users are prompted to enter a password. The work applications are re-enabled once the user sets a compliant password.
Removing a Password Policy
- To remove a password policy, click on the bin icon
- In the Remove Passcode Policy dialog, select the device profiles or the devices from which you want to remove the policy.
- Once the Policy is removed, Scalefusion client on the device will make a best-case attempt to remove the password and also will make sure not to enforce a password on device.
Frequently Asked Questions
Question: We have set a password policy but the policy is not enforced?
Answer: If the user already has set a stronger password than the enforced one, then they will not be prompted to change the password.
Question: Why are the users asked to confirm the password again after setting it?
Answer: Starting Android 8.0 devices, for Scalefusion to reset passwords, it needs to activate a token that gives the client the capability to reset the password. If this token is not activated then the password cannot be reset by Scalefusion and the only way to activate it is by confirming it once again.
Question: Why does the Reset Password/Remove Password Policy option, remove the password from device?
Answer: This might be due to various reasons. It might be the case that if the device is 8.0 and above and the reset password token was not activated OR there is another Device Admin (like an email application) which has enforced a stronger password.