Sophos Mobile: How to config password policies on iOS devices

Profiles and Policies are split for each supported mobile device platform, iOS, Android, Windows mobile, macOS and Windows. We recommend that when you are creating device profiles, you only add a single configuration to each profile. This means that you can easily reuse that profile in task bundles and reduce management

Guide to config

  • Login to Sophos Central by Admin account
  • If you do not have an Admin account, create a Sophos Central account
  • Mobile 0> CONFIGURE -> Profiles, policies -> iOS -> Create -> Device profile

 

  • Enter Name and click Add configuration

 

  • Choose Password policies -> Click Next -> With the Password policies configuration you define requirements for the device password

Allow simple value: Users are allowed to use sequential or repeated characters in their password

Require alphanumeric value: Passwords must contain at least one letter or number

Minimum password length: Specifies the minimum number of characters a password must contain

Minimum number of  complex characters: Specifies the minimum number of non-alphanumeric characters a password must contain

Maximum password age in days: Requires users to change their password in the specified interval. Value range: 0 to 730 days

Maximum Auto-Lock (in minutes): In this field, you can specify the maximum value the user is allowed to  configure on the device. Auto-Lock specifies how soon (in minutes) the device will be locked if it has not been used

Password history: The number of previously used passwords Sophos Mobile stores. When the user sets a new password, it must not match a password that was already used

Maximum grace period for device lock: In this field, you can specify the maximum value the user is allowed to  configure on the device. The grace period for device lock specifies for how long the device can be unlocked after a lock without a password prompt. If you select None, the user can select any of the intervals available. If you select Immediately, users must enter a password every time the unlock their devices

Number of failed attempts until device wipe: In this field, you can specify the number of failed attempts to enter the correct password before the device is wiped. For example, after six failed attempts, a time delay is imposed before a password can be entered again. The delay increases with each failed attempt. After the final failed attempt, all data and settings delay starts after the sixth attempt, all data and settings are secured removed from the device. The time delay starts after the sixth attempt. So if you set this value to 6 or lower, no delay is imposed and the device is wiped when the attempt limit is exceeded

-> Click Apply -> Click Save

 

  • MANAGE -> Devices -> Choose device which you want to apply that policy

 

  • Choose Profiles -> Click Install profile

 

  • Select the profile you want to install -> Click OK

 

** If you cannot install profile on your device, let’s install Apple DEP on Sophos Central

Be the first to comment

Leave a Reply

Your email address will not be published.


*