Passcode (iOS/iPadOS)
Use the Passcode profile configuration to set minimum requirements for passcode-based user authentication on a device.
You do this when:
Settings
| Require alphanumeric passcode | Enable this option for passcodes to include at least one letter and one number. |
| Require complex passcode | Enable this option for passcodes to exclude repeated or sequential characters (for example, "123" or "CBA") and include at least one special character. |
| Minimum special characters | Set the minimum number of special characters in the passcode. A special character is a character other than a number or a letter, such as &, %, $, and #. |
| Minimum length | Set the minimum number of characters a passcode can contain. |
| Maximum passcode age | Set the maximum number of days that the passcode can remain unchanged. After this number of days, the system forces the user to change the passcode before it unlocks the device. |
| Enable maximum failed attempts before wipe | Enable this option to configure the maximum number of failed attempts. |
| Maximum number of failed attempts | Set the maximum number of failed attempts before a device is erased. |
| Maximum grace period | Set the maximum grace period, in minutes, to unlock the phone without entering a passcode. in macOS, the system translates this grace period value to screen-saver settings. |
| Enable automatic device lock | Toggle this option on to set the maximum period (in minutes) that a user can select, during which the device can be idle before the system automatically locks it. When the device reaches this limit, the device locks and the user must enter the passcode to unlock it. |
| Automatic device lock duration | Set the device automatic lock duration in minutes from 0-60. |
| Passcode reuse limit | Set the number of historical passcode entries the system checks when validating a new passcode. The device refuses a new passcode if it matches a previously used passcode within the specified passcode history range. |
| Force password update | If enabled, after deploying the profile the device forces a password reset the next time the user tries to authenticate. |