Product Documentation

To create an iOS Passcode policy

Oct 20, 2015

The iOS passcode policy allows you to configure device passcode policy according to the standards of your IT department for managed iOS devices.

  1. On the Policies tab, under iOS, click Configurations.
  2. In the New Configuration menu, click Profiles and Settings > Passcode.
  3. In Passcode, on the General tab, enter a name for the policy and then configure the policy removal settings.
  4. On the Policy tab, configure your iOS passcode policy according to the standards of your IT department. The passcode policy options are as follows:
    Option Description
    Require a code on the device Enables passcode protection on the device. If cleared, the device does not require a passcode on the device (unless the device user sets it manually).
    Allow simple values Allows the use of a simple passcode, which is defined as a passcode containing repeated characters, or increasing (bottom up) or decreasing (top-down) characters (such as 123 or CBA).
    Require alphanumeric values Requires that at least one character of the passcode is a letter.
    Minimum length codes Allows you to set the minimum overall length (in characters) required for the passcode.
    Allowed minimum non-alphanumeric characters Allows you to set the minimum amount of numerical characters required of the passcode.
    Maximum passcode age (1-730 days, or none) Allows you to specify the number of days for which the passcode can remain unchanged. After the set number of days, the user is forced to change the passcode before the device is unlocked.
    Auto lock (1-5, 10 or 15 minutes or none) Allows you to specify the number of minutes for which the device can be idle (without being unlocked by the user) before it gets locked by the system. When this limit is reached, the device is locked and the user must enter the passcode.
    Codes History (1 to 50 codes or none) Allows you to specify that when the user changes the passcode, it has to be unique within the last N number of entries in the history.
    Grace period before device lock Allows you to set the maximum grace period, in minutes, to unlock the phone without entering a passcode. Default is 0, (no grace period), which requires a passcode immediately.
    Maximum failed attempts Allows you to specify the number of allowed failed attempts to enter the passcode at the device's lock screen. When this number is exceeded, the device is locked and must be connected to its designated iTunes in order to be unlocked.
  5. Click Create. The new policy appears in the Policies list.