Authentication Policy

Use this dialog box to configure a user password policy.

Note: Supported settings differ between Android Enterprise and Android OEM devices.

User Password Policy

Choose an option from the drop to determine how the authentication policy will apply.

  • Allow user to configure: The device user chooses how to secure the device.
  • Disable lock screen: All lock screen security settings will be disabled. This is equivalent to choosing None as the security type on the device. Setting a password, PIN, or pattern re-enables the lock screen.
  • Enable password enforcement: The device user must follow the requirements as set by this profile configuration.

You must choose Enable password enforcement to apply an authentication policy.

If you are applying a user password policy to a work profile on an Android Enterprise device, enable the Enforce Work Profile Password Policy.

Complexity Requirements

Minimum Password Quality Select the minimum password quality. Password quality options are listed in order of security strength, from least to most secure. Device users can use any password type option that is more secure than the selected minimum.
  • Biometric (for example: fingerprint, face recognition, iris recognition)
  • Pattern
  • PIN
  • Alphabetic
  • Alphanumeric

The availability of the rest of options depends on the password type you select.
Minimum Password/PIN Length Select the minimum password or PIN length.
Minimum Number of Complex Characters Allowed Select the minimum number of complex (non-alphanumeric) characters required.
Minimum Number of Numeric Characters Select the minimum number of numeric characters (0-9) the password must have to satisfy requirements.
Minimum Number of Letters Select the minimum number of letters (a-z) the password must have to satisfy requirements.
Minimum Number of Lowercase Letters Select the minimum number of lowercase letters the password must have to satisfy requirements.
Minimum Number of Uppercase Letters Select the minimum number of uppercase letters the password must have to satisfy requirements.

History

Maximum Password Age Enter the number of days before the user is prompted to enter a new password.
Number of Unique Passwords Before Reuse Select the number of unique passwords a user must set before a previous password can be reused.

Policy

Maximum Setting Allowed for Screen Timeout Select this option to set a maximum inactive time before the screen locks.
Maximum Number of Failed Password Attempts Before Device Wipe Select the number of times an incorrect password can be entered before the device is automatically wiped.
Common Access Card (CAC) Authentication Select this option to use Common Access Card (CAC) authentication.