Password Policy Management with MDM
Mobile device management (MDM) allows the IT admin to configure the password rules to be maintained by the end-users. These rules define the complexity and strength of the password which in turn increases the safety of the device.
iOS and macOS devices
The following are the configurations or rules for iOS and macOS devices:
Allow simple value
By allowing simple value, employees can set passwords with simple characters like ABCDE or 12345. For security purposes, it would be better to disallow employees from using those password as it is easier to hack.
Maximum Passcode age
You can set from 1 to 730 days after the password becomes invalid. Once the password expires, the device remains locked unless a new password is set and applied by the employees.
Failed Attempts (iOS only)
You can essentially wipe the data in a device by setting a value from 4 to 10 attempts. If an employee enters a wrong passcode for the specified number of times, the device data will be wiped automatically.
Android and Android work profile
These are the configurations available to both Android devices and Android work profile:
You can select the type of characters that the user needs to use in a password. It can take simple value, numbers, alphabets, alphanumeric or complex value.
Minimum Password Length
The password length can be set between 4- 16 characters. However, it is not applicable to simple value or numerical passwords.
Whenever a “complex password “is selected as the passcode requirement the admin can dictate certain parameters for characters in the password. These include:
- Minimum number of letters (Alphabets) in the password
- Minimum uppercase letters
- Minimum lowercase letters
- Minimum non-alphabetical characters
- Minimum symbols
The IT department should make sure that the employees are well aware of the importance of a strong password. The employees should beware of all the security risks, common or complex, caused due to lax password security.
Sourced from here.