The AppConnect passcode
You can require an AppConnect passcode, also known as the secure apps passcode. With a single login using the AppConnect passcode, the device user can access all the secure apps. You configure the rules for the AppConnect passcode on the administrative portal for the Ivanti UEM. The AppConnect passcode is not the same as the passcode used to unlock the device.
For the highest possible security when using AppConnect, Ivanti recommends that each device use both of the following:
- a device passcode
- an AppConnect passcode
In some environments, however, using both passcodes is not feasible due to usability and other requirements. For these reasons, you have the option to not require an AppConnect passcode. Also, you can allow Touch ID or Face ID (iOS) or fingerprint (Android) instead of an AppConnect passcode for accessing AppConnect apps for a simpler user experience.
When the AppConnect passcode is not required, users enter only a device passcode, if one is required, to unlock the device. Users are not encumbered with entering a second authentication to access secure apps. Because the apps are AppConnect-enabled, they are secured with AppConnect features such as data loss prevention policies. Also, the secure apps’ data is protected with encryption. However, not requiring an AppConnect passcode means data encryption does not use the AppConnect passcode in creating the encryption key.
Your organization’s security requirements determine whether accessing secure apps without an AppConnect passcode is an acceptable trade-off for an improved user experience.