Authentication (Android Enterprise)

An Authentication configuration enables you to set minimum requirements for password-based user authentication on a device.

Administrator

Use this section to add an administrator password to the device. You must configure an administrator password before using various security features of SOTI MobiControl. The administrator password disables security feature such as lockdown and application run control, providing unrestricted access to the device.

Password Enter an administrator password for the device that disables security features such as lockdown or application run control.
Note: The Device and Work Profile tabs of the Android Enterprise Authentication profile configuration largely offer the same settings however, they affect the device very differently.

  • Use Device if the device is a Android Enterprise managed device where SOTI MobiControl manages the entire device.

  • Use Work Profile if the device is a Android Enterprise with a work profile where SOTI MobiControl manages only a portion of the device.

If you are applying a user password policy to a work profile on an Android Enterprise device, in the Work Profile tab, enable the Enforce Work Profile Password Policy toggle.

Device Password Policy

Choose an option from the drop to determine how the authentication policy will apply.

  • Allow user to configure: The device user chooses how to secure the device.
  • Disable lock screen: All lock screen security settings will be disabled. This is equivalent to choosing None as the security type on the device. Setting a password, PIN, or pattern re-enables the lock screen.
  • Enable password enforcement: The device user must follow the requirements as set by this profile configuration.

You must choose Enable password enforcement to apply an authentication policy.

Minimum Complexity

Password Quality Select the minimum password quality. Password quality options are listed in order of security strength, from least to most secure. Device users can use any password type option that is more secure than the selected minimum.
  • Biometric (for example: fingerprint, face recognition, iris recognition)
  • Pattern
  • PIN
  • Alphabetic
  • Alphanumeric
Password Length Select the minimum password or PIN length.
Complex Characters Select the minimum number of complex (non-alphanumeric) characters required.

History

Maximum Password Age Turn on Maximum Password Age to enter the number of days before the user is prompted to enter a new password.
Unique Passwords Before Reuse Turn on Unique Passwords Before Reuse to select the number of unique passwords a user must set before a previous password can be reused.

Policy

Screen Timeout Turn on Screen Timeout to set a maximum inactive time before the screen locks.
Maximum Failed Password Attempts Before Device Wipe Turn on Maximum Failed Password Attempts Before Device Wipe to select the number of times that an incorrect password can be entered before the device is automatically wiped.