Category filter
How to Set Password Rules for Android Enterprise Container
Passwords are the front line of defense of a device. It helps to prevent unauthorized access to the device’s features and files thereby increasing the security of the device data. Hexnode’s password policy for Android ensures that the device is safe by forcing the users to set a password compliant with the rules specified in the web console.
On devices enrolled in the Android Enterprise, a work profile in addition to a personal profile will be automatically created on the device. All the work-related data will get stored in this work profile or enterprise container on the device. The Android Enterprise container password policy enables the organization to mandate password set up on the device container.
- This feature is supported in Android 7.0+ devices enrolled in Profile Owner mode.
- For devices enrolled in Device Owner mode, you’ll have to configure Device Password.
Configure Android Enterprise Container Password Rules
To configure the Android Enterprise container password,
- Login to your Hexnode portal.
- Navigate to Policies > New Blank Policy.
- Tap on Android > Password > Work profile password. Click Configure.
| Policy | Description |
|---|---|
| Password requirement | Select the type of characters that the user needs to use in a passcode. The options available are: simple value, numbers, alphabets, alphanumeric and complex value. The default value is ‘simple value’. |
| Minimum passcode length
(not applicable if simple valued password is selected) |
The length of the passcode the users wish to set. The allowed value ranges from 4 to 16. |
| Password age (in days) | The number of days before which the passcode needs to be changed to prevent its expiry. The available values are 10, 20, 50, 70, 120, 250, 360, 470, 600, 720. The users need to renew the password before the specified password age. Upon password expiry, the users would have to add a new password. |
| Auto-lock after | The amount of time after which the device would be locked automatically. The available values are never, 1 minute, 2 minutes, 3 minutes, 4 minutes, 5 minutes, 10 minutes, 15 minutes. By default, the auto-lock option will be disabled. |
| Password history (1-50 passcodes) | Blocks the users from re-using the password for the specific number of times. From 1-50 passcodes can be set. Password history is turned off by default. For instance, the password history is set as 5 and the current password is, say Abcd123!. If the user changes this password, he cannot use this password for the next 5 attempts. |
| Failed attempts | The device data will be wiped automatically if the user enters an incorrect password for the specified number of times. The number of attempts ranges from 4 to 10. |
| Minimum letter length
(applicable only if a password with complex value is required to be entered by the user) |
The minimum number of letters that can be included in a password. The value ranges from 1 to 5. |
| Minimum uppercase letters
(applicable only if a password with complex value is required to be entered by the user) |
The minimum number of uppercase letters that can be included in a password. The value ranges from 1 to 5. |
| Minimum lowercase letters
(applicable only if a password with complex value is required to be entered by the user) |
The minimum number of lowercase letters that can be included in a password. The value ranges from 1 to 5. |
| Minimum non-alphabetic characters
(applicable only if a password with complex value is required to be entered by the user) |
The minimum number of characters, other than alphabets, that can be included in a password. The value ranges from 1 to 5. |
| Minimum numeric letters
(applicable only if a password with complex value is required to be entered by the user) |
The minimum number of numbers that can be included in a password. The value ranges from 1 to 5. |
| Minimum symbols
(applicable only if a password with complex value is required to be entered by the user) |
The minimum number of special characters that can be included in a password. The value ranges from 1 to 5. |
Associate Policy with target entities
After configuring the password policy, the users need to associate the policy with the target device.
To associate the policy with target device,
- From the Policy Targets tab, tap on +Add Devices.
- Choose the device you wish to associate the policy with and click OK.
- Click Save.
- You can also choose device groups, users, user groups or domain and associate the policy.
If you wish to associate the policy at a later point of time,
- Tap on the Policies tab.
- Select the policy you wish to associate with the device from the list.
- Click on Manage and choose Associate Targets.
- Choose the devices you wish to associate the policy with and click Associate.
Setting up Container Passcode on the Android Device
On the Android device,
- Tap on the Hexnode for Work app.
- A Set up a new password for work option will be displayed. Click Set Up.
- Set the password for the work container and confirm.
- Set the desired work profile notifications and click Done.
The removal of the policy does not remove the password from the device. To remove the password from the device, manually initiate the removal. Navigate to Settings > Lock Screen > Work Profile Lock, enter the work container password and choose None. The settings may be different for different Android device models.
