User Tools

Site Tools


security

Security Screen

This screen allows the sysytem user to configure and restrict passwords on the device.

Inc Ext Storage When Wiping After Password Fail

A system user can include or exclude external storage when the device is wiped due to exceeding the maximum number of failed password attempts without user interaction.

Forbidden Password Characters

A system user can use this functionality to set characters or words that are forbidden in the device password. Forbidden words may include personal data (variations on the user's name, email address etc) or any other words.

Max Occurrences Of Characters

A system user can use this functionality to specify the maximum number of occurrences of a character in the device password. Characters can be numeric, alphabetic, or symbolic. For example, “aaabcde” has three occurrences of an 'a', “1b1c1de” has three occurrences of a '1', and “a@b@c@” has three occurrences of a '@'. A value of '0' specifies that no restrictions are applied.

Maximum numeric sequence length

A system user can use this functionality to set the maximum numeric sequence length allowed in the device password. This functionality specifies that the device password must not contain a numeric sequences greater than the given length. For example, if the maximum numeric sequence length is set to 5, the numeric sequence “12345” is allowed but “123456” is prohibited. A value of '0' specifies that no numeric sequence restrictions are applied.

Max num of failed password attempts before device disabled

A system user can use this functionality to set the maximum number of failed password attempts after which the device is disabled. When the device is disabled, the user cannot enter a password. The only way to re-enable the device is for the system user to set the value to “0” again.

Min password complex characters

Functionality to set the password character length required when setting a new password. Complex characters are digits or symbols that contribute to making stricter passwords. If MinPasswordComplexChars = 1, then at least one digit is required. If MinPasswordComplexChars > 1, then at least one digit and at least one symbol are required.

Min password character change num

A system user can use this functionality to specify that a new password must have a minimum number of changed characters. The difference between both passwords (old and new) shall be calculated. Characters can be numeric, alphabetic, or symbolic. Passwords like “test” and “best” differ from each other by 1 unit. “test” and “toad” differ from each other by 3 units. “test” and “est” differ from each other by 1 unit. A value of '0' specifies that no restrictions are applied.

Password change timeout (Minutes after User Prompted)

This functionality sets the timeout in minutes after which the password must be changed after the administrator uses enforcePwdChange() and the user cancels the first password change enforcement. If a password is already set in the device and the administrator calls enforcePwdChange(), the user can cancel the password change dialog; the password change is definitely enforced again after the timeout set (default value is 0 - no option to cancel). If no password is set in the device and the administrator calls enforcePwdChange(), the user cannot cancel it, so, in this case, the password change timeout is ignored.

Number of Days Password expires after

This functionality sets the maximum password age in days after which the password has to be changed. Value 0 will reset this policy and no expiry will be applied.

Num of recent passwords not used when setting new password

This functionality sets the maximum password history (the number of previous passwords that cannot be used when setting a new password). Value 0 will reset this policy and no history will be checked.

Lock screen/password delay (In Secs)

This functionality sets idle time after which key guard lock (lock screen) is enabled. An system user can use this functionality to set the duration of idle time before the key guard lock (lock screen) is enabled. Device settings provide to the mobile user a way to set time values to lock the device automatically or instantly by pressing power key. Considering the conflict between the latter and this functionality, the strictest value (shorter time) is the one that will be applied, no matter if it was defined by the system user or by mobile user via device settings. When the functionality of 'lock instantly with power key' is enabled and the power key is pressed, the screen will be locked instantly regardless of the time set by either the system user or the mobile user. If the password is set, the mobile user is prompted for the password while unlocking the device. If the system user does not care about the idle time, USE DEVICE SYSTEM SETTINGS TIME can be clicked. If LOCK AFTER SCREEN TIMEOUT is clicked then device is locked immediately after screen time out.

Enable password visibility

A system user can enable or disable making the password visibile without the mobile user interaction. The mobile user and third-party applications cannot enable the visibility setting once it is disabled.

Set Required password pattern

The sysem user that last set the password pattern becomes the password pattern owner, meaning that only the owner's patterns are used to match new passwords. An system user can force the mobile user to enter a password based on a regular expression. For example, if the regular expression is [a-zA-Z]{4}[0-9]{4}, the system user forces the mobile user to enter an 8-character password with first 4 characters alphabetic and next 4 characters numeric. The system user must be careful when setting this pattern. Android requires a minimum password length of 4 characters and a maximum length of 16 characters. The pattern set must always allow passwords following these constraints.

Lock screen pattern visibility

Functionality to enable or disable screen lock pattern visibility.

Reboot device

Functionality to reboot the device immediately.

security.txt · Last modified: 2019/05/29 15:00 by devreach