We may need to secure the device with a PIN code to protect the device. We can remotely achieve this on an android device using Password Policy from MDM profiles. It shows a popup on the device that enables the device’s end-user to set up a PIN to the device. Using SureMDM, we can ensure that the PIN code is strong enough by setting parameters such as the minimum length of the PIN number, maximum failed attempts, the maximum time to lock the screen, and maximum password age.
Purpose
The purpose of this knowledge article is to provide a guide on how to enable an user to set device PIN using Password Policy.
Prerequisites
- If SureLock is running on the device, a few child windows need to be allowed in SureLock settings to enable the end-user to set the PIN on the device.
- If the device is not secured using SureLock, we can skip to step 2 on How to set a password policy using profiles.
- The services are dependent on the Model and OS of the device. If any child window is blocked, the same must be enabled from the Child Windows section.
- The service that is being blocked can be seen in SureLock Settings > View Diagnostic log.
Steps
Step 1: How to enable the required services in SureLock Settings
- Tap 5 times on the SureLock Home Screen, Enter the password and go to SureLock settings.
- Navigate to Allowed Applications and add the Android Settings application.
- Edit the Settings App and check Hide Icon on Home Screen.
- Select Child Windows and allow only the following services:
password.SetNewPasswordActivity
ChooseLockGeneric
ChooseLockGeneric$InternalActivity
EncryptionInterstitial
ChooseLockPassword
NotificationRead action interstitial
Step 2. How to set a password policy using profiles:
- Navigate to Profiles > Android > Select the required profile or add a new one.
- Select Password Policy and click on Configure.
- Select the required profile type and set the minimum device password policy to Numeric to secure the device using a PIN number.
- Set the below parameters as per requirement
Minimum password length – Input a value between 4 and 17.
Maximum Failed Attempts – Specify the number of attempts after which the device gets reset. Maximum failed attempts allowed are 6.
Maximum Password Age – Specify the maximum number of hours the password can be active.
Enforce Password history – Number of times the password has to be changed before the previously used password can be set again.
Maximum Time to lock – Number of seconds after which the screen locks automatically.
Need more help? Here’s how to get help from our experts.