pdf icon
Category Filter


The passcode, being the first line of security for devices, organizations would want to set passcodes adhering to their security standards, ensuring certain aspects like the minimum length and complexity requirements. You can define the parameters for creating a passcode by configuring the Passcode profile. Setting up Passcode profile for a device, automatically sets the passcode for Apple Watch when paired with the device. The Passcode profile is supported for macOS in addition to iOS devices.

Profile Description

Allow passcode to be set on the device (iOS 9 or later versions - Supervised devices only) Enabling this allows a passcode to be set on the device as per the associated Passcode profile configurations. If restricted, passcode cannot be set. Also, the existing passcode on the device is automatically cleared and users are prevented from setting a new passcode.
Settings below can be configured only if Allow passcode to be set on the device is enabled.
Passcode should contain Choosing Simple Value, ensures a simple passcode is set on the device. This can include repeating, ascending and descending character sequences such as 1111/aaaa etc. If Alphanumeric value is chosen, it is mandatory that the passcode contains alphanumeric value.
Minimum passcode length The minimum length for the passcode can be set here.
Minimum number of special characters The minimum number of special characters that the passcode should contain, can be set here.
Maximum idle time allowed before auto-lock Idle time refers to the time duration before the device screen locks automatically. The maximum idle time can be set as required. If the specified duration is not supported by the OS running on the device, the closest duration which is supported by the OS is selected automatically. This configuration is overridden, if Auto-lock option is configured in Kiosk and both profiles are distributed to the same device.
Maximum time to unlock device without passcode The time limit for users to unlock devices without using their passcodes, can be set here. If this has been set to five minutes for instance, users can unlock the device without a passcode, within five minutes after the device gets locked.
Maximum number of failed attempts Maximum number attempts to unlock the device, before it gets locked by Apple.
Restrict users from modifying the passcode  (iOS 9 or later versions - Supervised devices only) Enabling this restricts users from modifying the passcode. The restriction is applied after an hour of profile association or during the next sync, whichever happens first. Until then, users can modify the passcode. The restriction can be enforced immediately by navigating to the Inventory tab and clicking on Scan Devices ( Inventory-> Scan Devices).
Maximum passcode age Maximum passcode age refers to the number of days after which the passcode expires and a new one has to be set. This can range from 1 to 730 days.
Maximum number of passcodes to be maintained in history This can range from 1 to 50 passcodes.
Jump To

    Related Articles