This article shows how to configure and deploy a work profile passcode to Android devices with the work profile enabled.
- Enterprise Plan subscription or trial.
- Managed Google Play Enterprise has been configured.
- Miradore Online Client 2.4.0 installed to the devices.
- Devices are running Android 7 or newer. For android 5 and 6 devices, the passcode will enforce a single passcode for the entire device.
- Work profile has been enabled to the target Android devices.
When these requirements are met, administrators can create and deploy a work profile passcode to the devices. This means that you can use a separate passcode for the device and for the work applications. For example, you can deploy a five number PIN code policy for the device and seven number PIN code policy for the work profile.
Navigate to Management > Configuration profiles and start creating configuration profile by clicking Add. Select Android > Passcode and define the desired configuration.
Defines the minimum length for the passcode.
Defines the minimum quality requirement for the passcode. The requirements are in order from the loosest to the strictest. A loose requirement always allows for a stricter passcode. For example, if the minimum quality requirement is Numeric (pin code), the end user can choose to use a more complex password.
- Unspecified: No requirements for the passcode. NOTE! The user can disable the passcode completely.
- Something: Requires some kind of a passcode, but doesn’t care what it is. Patterns, pin codes, passwords etc. are all allowed.
- Numeric: A pin code is the loosest passcode type allowed.
- Alphabetic: The user must enter a password containing alphabetic (or other symbol) characters.
- Alphanumeric: Requires a password that is a combination of letters and numbers. May also include symbolic characters.
- Complex: Requires a password containing at least one letter, one numerical digit, and one special symbol.
Defines wether the passcode configuration is set for the device lock screen or work profile lock screen.
Defines the amount of time until the passcode expires.
Maximum screen lock timeout
Defines the maximum time until the screen is locked if the device is left unattended. The user may set shorter than maximum timeout for screen lock.
Defines the amount of previous passcodes that cannot be used.
Maximum number of failed attempts
Defines the amount of failed unlock attempts before the work profile gets wiped.
Force unlock passcode
Forces the defined unlock passcode to the profile.
Force a new unlock passcode. This change takes effect immediately. The given password must be sufficient for the defined password quality and length constraints. If it does not meet these constraints, then it will be rejected.
When a passcode is enabled, the user is requested to enter his/her passcode when opening work profile apps after the device has been restarted, device is locked or lock device command has been deployed.