1. Home
  2. How to enable a user to set device PIN using Password Policy

How to enable a user to set device PIN using Password Policy

KB ID: 42G2205921
Views: 82
Updated: May 2022

We may need to secure the device with a PIN code to protect the device. We can remotely achieve this on an android device using Password Policy from MDM profiles. It shows a popup on the device that enables the device’s end-user to set up a PIN to the device. Using SureMDM, we can ensure that the PIN code is strong enough by setting parameters such as the minimum length of the PIN number, maximum failed attempts, the maximum time to lock the screen, and maximum password age. If Surelock is running on the device, a few child windows need to be allowed in Surelock settings to enable the end-user to set the PIN on the device. If the device is not secured using Surelock, we can skip to 2) How to set a password policy using profiles.

1) How to enable the required services in Surelock Settings:

Step 1: Tap 5 times on the Surelock Homescreen, enter the password, and go to Surelock settings.

Step 2: Navigate to Allowed Applications and add the Android Settings application.

Step 3: Edit the settings app and check Hide Icon on Home Screen

Step 4: Select Child Windows and allow only the following services:

password.SetNewPasswordActivity

ChooseLockGeneric

ChooseLockGeneric$InternalActivity

EncryptionInterstitial

ChooseLockPassword

Notificationread action interstitial

Note:

  • The services are dependent on the Model and OS of the device. If any child window is blocked, the same must be enabled from Child Windows section.
  • The service that is being blocked can be seen in Surelock Settings > View Diagnostic log.

  • 2) How to set a password policy using profiles:

    Step 1: Navigate to Profiles > Android > Select the required profile or add a new one.

    Step 2: Select Password Policy and click on Configure.

    Step 3: Select the required profile type and set the minimum device password policy to Numeric to secure the device using a PIN number.

    Step 4: Set the below parameters as per requirement : 

    Minimum password length – Input a value between 4 and 17.

    Maximum Failed Attempts – Specify the number of attempts after which the device gets reset. Maximum failed attempts allowed are 6.

    Maximum Password Age – Specify the maximum number of hours the password can be active.

    Enforce Password history – Number of times the password has to be changed before the previously used password can be set again.

    Maximum Time to lock – Number of seconds after which the screen locks automatically.