How to bypass MDM activation lock on Macbook, iPhone and iPad?

Activation Lock is an in-built security feature available in all Apple devices. However, when Apple devices are used in organizations by the workforce, they will have to be repurposed and reused when employees leave the organization. In such cases, Activation Lock needs to be bypassed or turned off, to facilitate device reassignment. Fortunately, modern Mobile Device Management solutions can help with activation lock removal on macOS and iOS devices. 

This document explains in detail about how the activation lock can be turned off on Macbooks, iPhones and iPads.

What is Activation Lock?

Activation Lock is a feature designed by Apple to enhance corporate data security by mandating users to enter their Apple passwords when devices such as iPhones, iPads and Macs are factory reset. This Factory Reset Protection (FRP) system is also known as iCloud Lock and is a part of the Find My iPhone app available on devices running iOS 12 or earlier versions. From iOS 13 onwards and on macOS, Activation Lock is available under the Find My app which combines both Find My iPhone and Find My FriendsThis feature ensures that sensitive data is protected even if the device falls into the wrong hands. 

Activation Lock helps safeguard the data stored on Apple devices when they are misplaced or stolen. It can be enabled on the following devices:

  • Apple iPhone
  • Apple iPad
  • Apple iPod
  • Apple Watch
  • Mac machines running macOS 10.15 or later versions
  • Mac machines which have the Apple T2 security chip

Under certain circumstances, it is necessary to bypass Activation Lock on Macbook and iPhones, despite it being a security feature. This document explains how deploying a mobile device management solution such as Mobile Device Manager Plus (MDM), can help with iPhone and Macbook Activation Lock removal during these situations without compromising device security.   

This document covers the following:

How to enable Activation Lock?

To protect the devices from theft and unauthorised access, Activation Lock can easily be enabled on Macbooks or iPhones

  • Activation Lock is automatically enabled when the user turns on Find My iPhone or Find My, depending on the device and the OS version.
  • Once the Activation Lock is enabled, the user's Apple ID is securely stored on Apple’s activation servers and linked to the corresponding device.
  • For security reasons, anyone who tries to turn off the Activation Lock or reactivate the device by factory resetting it will be prompted to provide the user's Apple account credentials. Thereby, unauthorized users are prevented from accessing the data stored on these devices.

Enabling Activation Lock on iOS devices

If the device is recovered, the user will have to enter their Apple account credentials to reactivate the device.

What is the need to bypass Activation Lock?

While the Activation Lock appears to be beneficial in securing personal devices, it poses a challenge in the case of corporate devices. Many organizations provide mobile devices to their employees for work. Each corporate device is associated with an employee's account. The problem arises when the employee has enabled Find My on the device and leaves the organization, returning the device to the IT admin. When the device is reset for handing it over to another employee, there is a prompt to enter the account credentials of the previous employee. Only if the credentials are entered correctly can the device be used again. As it is impossible to bypass the Activation Lock, the device is rendered useless to the organization. This problem can be eliminated by keeping the Activation Lock turned off on corporate devices. However, this is not ideal as the devices become vulnerable to misuse if lost or stolen. There needs to be a provision to bypass the Activation Lock on Macbooks and iOS devices, during these situations without compromising device security.

How to remove or bypass Activation Lock on Apple devices?

ManageEngine's Mobile Device Manager Plus (MDM), a robust mobile device management solution provides an effective way to bypass Activation Lock along with ensuring data security.

In order to disable Activation Lock using MDM, the Apple devices need to be Supervised. Supervision is an ideal way to provide IT admins additional control over corporate iOS and macOS devices.

Bypass Activation Lock on iPhones and iPads

MDM supports two methods to Supervise and bypass or remove the Activation Lock on devices like iPhones (iOS), iPads (iPadOS), and MacBooks (macOS).

Enrolling devices using any of the above mentioned methods will remove the Activation Lock and the user will not be able to enable it. 

How to bypass Macbook Activation Lock?

Macbooks are gaining popularity in organizations, which makes it crucial to disable/bypass Activation lock on Macbooks before they're provided to employees. Mobile Device Manager Plus simplifies Macbook Activation Lock removal, once it is managed by devices.

For Macbook Activation Lock bypass using MDM, the Mac device should be Supervised using Apple Business Manager or Apple School Manager, which is a program similar to ABM for educational institutions.