Passcode settings (WorkPlace Persona policy)
Use the Passcode settings to enforce the use of a secure passcode to access container apps on MaaS360 enrolled devices.
The following table describes the passcode settings that you can configure for MaaS360® enrolled devices:
| Policy setting | Description | Supported devices |
|---|---|---|
| Enforce passcode | Configures the passcode policy for accessing container apps. | |
| Configure passcode policy | ||
| Allow simple passcode | Simple passcode such as passcode values with ascending, descending, or repeating character sequences are allowed. Example: 1111, 12345 | iOS, Android, Windows Phone |
| Minimum passcode length | The minimum number of characters that are needed for a passcode. The range is 4 - 16 characters. | iOS, Android, Windows Phone |
| Require alphanumeric characters | Requires a user to create a passcode with both numbers and letters. Require special characters: Choose the number of special characters that are allowed for use in an alphanumeric passcode. The range is 1 - 4 characters. |
iOS, Android, Windows Phone |
| Maximum passcode age | The number of days that can pass before a passcode must be changed. The range is 1 - 365
days. If you leave this field blank, the passcode never expires. |
iOS, Android |
| Passcode history | Represents the minimum number of times that a unique passcode is needed before you reuse a
passcode. The range is 4 - 16 times. If you leave this field blank, you can reuse a passcode that you previously used on the device. |
iOS, Android |
| Allow fingerprint authentication | Allows users to use Touch ID on iOS and Fingerprint on Android instead of a PIN to access WorkPlace. If WorkPlace is not accessed for 48 hours, users must input a PIN. This setting also allows users to use Apple's facial recognition technology on iPhone X or XR. | iOS App 2.95+, Android App 5.55+ |
| Use corporate password as passcode | Users are prompted to enter corporate credentials to authenticate instead of a passcode.
Note: This setting is deprecated and is no longer supported post the upgrade of the MaaS360 app to
the Unified Authentication workflow and for device versions later than Android app 7.60 and iOS app
4.80. MaaS360 uses the authentication type that is set at the user-level for
enrollments.
|
iOS App 2.90+, Android App 5.25+ |
| Allowed time for offline authentication | Choose a time to perform offline authentication. Note: This setting is supported for Android
devices. For iOS, offline access is allowed for 24 hours.
|
Android 5.25+ |
| Failed attempts to allow before data wipe | The number of password attempts that are allowed before all data in the app is wiped. The allowed values are 4 - 16 or leave this field blank. | iOS, Android, Windows Phone |
| Allowed idle time (in minutes) | Prompts the user to input a passcode if the app is inactive for a specific amount of time. | iOS, Android, Windows Phone |
| Use passcode for content encryption | Allows the user to enter a passcode to encrypt content. Cache key for
background sync: Saves the encryption key in memory for the defined time period to allow
for background mail synchronization. This setting supports 8, 24, or 72 hours.
Note: If you do not
select a time period, mail is synchronized only when the app is open. The background synchronization
might not run in the background for a specific amount of time if the operating system stops the app
to recover memory. In this case, the background synchronization stops until the app is
reopened.
|
iOS App 2.70+, Android App 5.25+ |
| Enable user switch for shared devices | Users who share devices can use a PIN to switch device users. Timeout for inactive
signed-in user (in minutes): Automatically signs out the current user if the app is
inactive for a specific amount of time. Leave this field blank to prevent the user from
automatically signing out of the device.
Note: The Sign Out option is still
available on the device regardless of what is configured for this setting.
|
Android App 5.85+ |