How do Applivery's Android password policies enhance device security?

Applivery enables remote configuration of minimum password rules for Android devices, ensuring compliance with organizational security policies and strengthening protection against unauthorized access.

Where do I configure Android password policies in Applivery?

In the Applivery Dashboard, navigate to Policies, select your Android Policy, then go to Security in the left-hand menu and click + Add Password Policy.

What is "Maximum Failed Passwords For Wipe" in Applivery?

This setting defines how many incorrect password attempts are allowed before an Android device is completely wiped. A value of 0 means there's no limit on attempts.

How can I prevent users from reusing old passwords on Android devices?

Use the "Password History Length" setting. It specifies how many previous passwords are remembered, preventing users from reusing them to maintain security.

What is the difference between Password Complexity and Password Quality in Applivery?

Password Complexity is the newer simplified approach (Android 12+) with three levels: Low, Medium, and High. Password Quality is the legacy approach with more granular options. When Complexity is used, the API automatically generates an equivalent Quality configuration for backwards compatibility with older Android versions.

How does "Password Scope" work for Android devices, especially AOSP?

"Password Scope" determines if the policy applies to the Work Profile, entire device, or both. For AOSP devices, it always applies to the full `DEVICE` lock screen as there's no Work Profile.

What is "Password Expiration Timeout" in Applivery?

This setting defines how long a password can be used on an Android device before the user is required to change it, enforcing regular password updates for enhanced security.

Secure Android Devices: Configure Password Policies with Applivery

When managing Android Devices with Applivery, one of the most important aspects is ensuring they’re protected with a strong password. It’s not just about setting any passcode, but about enforcing minimum rules to guarantee a decent level of security across all Devices.

With Applivery, you can easily configure these requirements remotely, making sure that all Devices comply with your organization’s security Policies without hassle.

Configure Android Password Policies for enhanced security

Navigate to Policies

Once in the Applivery Dashboard, navigate to Policies 1.

Select Android Policy

Select the Android Policy where you want to enforce password security.

Access Security settings

In the left-hand menu, select Security.

Add Password Policy

Click the + Add Password policy 2 button. A modal will appear asking you to choose the type of password requirement: Password Complexity or Password Quality.

Android's API has two concepts for password policies:

Password Complexity — The newer, simplified approach introduced in Android 12.
Password Quality — The legacy approach, which allows a more detailed configuration.

For backwards compatibility, when a Complexity configuration is sent to the Android Management API (AMAPI), it also requires the equivalent legacy Quality configuration to be sent alongside it. These are two ways of expressing the same requirement, but the API needs both.

Note

If no legacy quality policy is defined for the same scope, a compatible legacy equivalent will be automatically generated. This ensures compatibility with older Android versions.

Password Complexity

Available on Android 12 and above, with three predefined levels:

Low: Pattern or PIN with repeating (4444) or ordered (1234, 4321, 2468) sequences allowed.
Medium: PIN with no repeating or ordered sequences; alphabetic or alphanumeric password with a minimum length of 4 characters.
High: PIN with no repeating or ordered sequences and at least 8 characters, or alphabetic/alphanumeric password with at least 6 characters.

Password Quality

The legacy approach, which provides more granular control over password requirements:

Unspecified: No password requirements are enforced.
Biometric Weak: Requires a low-security biometric recognition method.
Something: A password is required, but with no restrictions on what it must contain.
Numeric: The password must contain numeric characters.
Numeric Complex: Numeric characters only, with no repeating (4444) or ordered (1234, 4321, 2468) sequences.
Alphabetic: The password must contain alphabetic or symbol characters.
Alphanumeric: The password must contain both numeric and alphabetic characters.
Complex: The password must meet the minimum requirements defined in the fields below.

When Complex is selected, the following additional fields apply:

Password Minimum Length: Sets the minimum number of characters required.
Password Minimum Letters: Minimum number of letter characters required.
Password Minimum Lower Case: Minimum number of lowercase letters required.
Password Minimum Non-Letter: Minimum number of non-letter characters required (numbers or symbols).
Password Minimum Numeric: Minimum number of numeric digits required.
Password Minimum Symbols: Minimum number of symbols required (e.g., @, #, %).
Password Minimum Upper Case: Minimum number of uppercase letters required.

Common settings

The following settings apply regardless of which policy type you choose:

Password Scope: Determines which part of the Device the Policy applies to — the Work Profile, the entire Device, or both.
Require Password Unlock: Specifies the duration after unlocking the Device with a secure method (e.g., PIN or pattern) before the user is required to use that method again instead of biometrics.
Unified Lock Settings: Controls whether the same lock settings apply to both the Device and the Work Profile. If separate passwords are required and the user hasn't configured one, the Device will be marked as non-compliant.
Maximum Failed Passwords For Wipe: Specifies how many incorrect password attempts are allowed before the Device is completely wiped. A value of 0 means there's no limit.
Password Expiration Timeout: Defines how long a password can be used before the user is required to change it.
Password History Length: Indicates how many previous passwords are remembered to prevent reuse.

Properly configuring password Policies on Android Devices through Applivery is a simple and effective way to strengthen security. By adjusting these settings, you ensure that all Devices meet your organization's minimum security standards, reduce potential risks, and maintain centralized control.

AOSP Devices Support

Password Policies work the same on AOSP — same fields, same configuration steps. The only differences worth noting:

Password Scope is always DEVICE on AOSP. There is no Work Profile separation, so the Policy always applies to the full Device lock screen.
Unified Lock Settings does not apply — there is a single lock screen only.

Key Takeaways

Applivery simplifies the enforcement of strong password policies on Android devices.

Properly configured password complexity, length, and expiration settings are crucial for security.

Protecting organizational data requires setting and maintaining minimum security standards.

Regular password updates significantly enhance device security.

Applivery allows for centralized and remote management of Android password policies.