Passcode Configuration
One of the first things you set up in Ivanti Neurons for MDM (using the startup wizard) is a passcode configuration. This configuration defines settings for the screen lock feature on devices.
Passcode settings
Setting |
What To Do |
---|---|
Name |
Enter a name that identifies this configuration. |
Description |
Enter a description that clarifies the purpose of this configuration. |
Allow simple values |
Restricts whether the PIN or Password contains ordered characters or digits.
For iOS Examples: 1111, 1234, abcd.
Deselecting this option for Android devices will enforce passcodes with complex PINs. For example, users cannot configure repeated, ascending, or descending character sequences. For Windows 10+: Select to allow passcodes that are less secure because they contain repeated or ascending numeric sequences. Examples: 1111, 1234 |
Require alphanumeric value |
Requires the passcode to contain at least one letter and one number.
For iOS For Windows 10+: Select to ensure a strong password based on Microsoft's standard. |
Minimum passcode length |
Select a number from the list to set a minimum passcode length. For Windows 10 Desktop: Local accounts will enforce minimum passcode length 6. |
Minimum number of complex characters |
For iOS For Windows 10+: Local accounts will enforce 3 complex characters. |
Maximum passcode age |
Enter a number to the number of days after which the device user must reset the passcode. If you do not want to set the a passcode age, then leave this field blank. |
Auto-Lock |
Select an interval from the list to define how long the device can stay idle before it automatically sets the screen lock. |
Any Lock Method |
Android only. Allows user choice of any lock method, including pattern unlock. The passcode settings above will not be applied to this device. |
Passcode history |
Enter a number to set the number of unique passcodes a user must enter before reusing a passcode. For example, if you set this field to 4, then the user must set 4 passcodes before being able to reuse the first passcode. |
Grace period for device lock |
Select an interval from the list to set the amount of time between the appearance of the lock screen and the point at which the device user needs to enter a passcode to unlock the device. |
Maximum number of failed attempts |
Select a number from the list to set the number of times the device user can consecutively enter the wrong passcode before the device is reset and wiped. Warning: Devices will be wiped if the user exceeds the maximum number of password attempts. Use caution with this option. |
(macOS Only) Enable Passcode Regular Expression (macOS 14+) |
Specify the expression string that matches with the password to determine whether it matches with the policy. |
(macOS Only) Language |
Specify the language of the Description. |
(macOS Only) Description |
Describe the password complexity. For example, numbers, special characters, string, and so on. |
(macOS Only) Enforce passcode rule at next login |
Select to enable macOS to prompt the user to change the password to make the password compliant with the password policy next time the user logs in. By default, this option is not selected. Applicable for macOS 10.13 and later versions. |
(macOS Only) Minutes until failed login reset |
Specify the minutes before the login is reset after the maximum number of unsuccessful login attempts is reached. Ensure that the Maximum number of failed attempts number is set to enable this field. Available in macOS 10.10 and later. |
SmartLock |
For Android 5.0 devices except in Android enterprise work profiles: For Android 6.0 or later: Allows or disallows a user to choose the SmartLock feature to unlock a device. The SmartLock feature automatically unlocks a device in certain circumstances such as the user's proximity to the device, device at a location, or when the device is paired with a trusted device. |
Fingerprint Unlock |
For Android 5.0 devices except in Android enterprise work profiles: For Android 6.0 or later: Allows or disallows the user to choose Fingerprint to unlock a device. |
Lock Screen Notifications (for Android enterprise only) |
Enable Notifications for Work Managed Devices (for Device Owner) Allow or disallow notifications on the lock screen for work managed devices
Enable Unredacted Notifications for Work Profile For Android 6.0 or later: Allow or disallow unredacted notifications on the lock screen for work profile devices. After you enable this setting, you will receive the notification but the content appears as 'Content hidden by policy' You can view the content (mail/ push notification) only from the app. |
For more information, see How to create a configuration