Secure apps passcode management

Typically, you configure AppConnect to require the device user to use a secure apps passcode to use secure apps. The device user creates and uses a secure apps passcode as follows:

• Creating a secure apps passcode

• Creating a more complex secure apps passcode

• Logging in with the secure apps passcode

• Logging out or resetting passcode for secure apps

• Resetting the secure apps passcode - administrator initiated

Creating a secure apps passcode

If a secure apps passcode is required, Go prompts device users to create a secure apps passcode the first time the user launches any secure app.

Device users can also create a secure apps password in Go without first having to launch a secure app.

Procedure 

1. Launch Go.

   Enter new passcode

   

2. Enter a passcode according to the specified instructions.

3. Tap Done.

   RE-enter the new passcode

   

4. Tap Done and Done again.

Creating a more complex secure apps passcode

Go chooses which keyboard to display for entering a secure apps passcode based on the passcode requirements in the AppConnect global policy. For example, on an iPhone, when the AppConnect global policy requires a numeric passcode, Go displays a numeric keypad. However, Go gives the device user the option to enter a more complex secure apps passcode. Some users may want to choose to exceed the secure apps passcode requirements because:

• they value stronger security against guessing and brute force attacks

• they do not mind the reduced convenience of entering a more complex passcode.

If the secure apps passcode requirements in the AppConnect global policy are 4 numeric digits, Go displays the following:

Numeric passcode requirement

Go presents a QWERTY keyboard when you tap Create more complex passcode.

Alpha numeric passcode requirement

Use this screen to create a secure apps passcode that is more complex than required by the AppConnect global policy.

The device user has the option to create a more complex passcode when:

• Creating the secure apps passcode for the first time.
• Changing the secure apps passcode.
• After tapping Forgot Passcode and reentering their user name and password for Ivanti Neurons for MDM.
• After exceeding the maximum number of failed passcode attempts and reentering their user name and password for Ivanti Neurons for MDM.

The last two options involve self-service secure apps passcode recovery, which is available only if you select Allow iOS users to recover their passcode on the AppConnect global policy.

Logging in with the secure apps passcode

After a period of time in which the device user uses no secure apps, Go automatically logs the device user out of secure apps. When the user once again launches a secure app or taps Log In in Go, Go prompts the user to log in with the secure apps passcode:

Logging with secure apps passcode

The device user does the following:

1. Enters the secure apps passcode.

2. Taps Done.

The device user can now continue with the secure app.

Logging out or resetting passcode for secure apps

The device user can log out of secure apps or reset the secure passcode. Logging out is useful, for example, if the user is lending the mobile device to a family member for a few minutes.

The user is automatically logged out after a period of inactivity.

To log out of secure apps or reset the secure apps passcode, in Go go to Settings > Secure Apps > Authentication.

Secure apps log out or change passcode

Go prompts the device user for the secure apps passcode the next time the user launches a secure app or taps Log In in Go.

Resetting the secure apps passcode - administrator initiated

You can change the secure apps passcode requirements on Ivanti Neurons for MDM by modifying the iOS AppConnect Configuration. When Go checks in with Cloud, Go prompts the device user to create a new password.

Reset passcode prompt

Tap OK and follow the prompts to reset the passcode.