Hi Inosh, Please find inline comments.
> Therefore, as per iOS protocol, following would be the standard of the > passcode policy, > allowSimple - If a simple passcode containing just numbers or just > letters or combination is allowed. Setting this to "no" mean, a complex > passcode is required and of minimum of 1 complex character together with > numbers > or alphabets characters. > minComplexChars - A complex character is a character other than an > alphanumeric value. Setting min complex chars restriction will not mean > that an alphabetic character is required. > requireAlphanumeric - Whether alphabetic characters are required or is it > enough to have numbers only. Could you describe what would be the minimum sufficient password for each combination for isSimple, isAlphanumeric, isComplex ? Best Regards, ~Rasika On Tue, Jan 30, 2018 at 3:33 PM, Inosh Perera <[email protected]> wrote: > Hi all, > > Currently the passcode policy of IoT server for Android and iOS platforms > seems to have followed 2 different approaches and this inconsistency can > lead to confusion for an EMM administrator. > > *Following are the inconsistencies,* > In iOS protocol, allow simple passcode means that the user is free to > enter just a pin or any passcode. However with Android currently, it must > be a alphanumeric value only. > Also in iOS disallow simple is equivalent to having at least one complex > characters regardless of the alphanumeric check. When alphanumeric is not > required and complex characters are set to 1, the user should be able to > add a password like "1234$" as the passcode and currently Android policy > does not support this behaviour and it ask for a minimum one alphabetic > character regardless of the state of alphanumeric checkbox. Therefore to > get rid of these inconsistencies, I suggest we should make the Android > passcode policy work similar to iOS. > > *Solution* > Therefore, as per iOS protocol, following would be the standard of the > passcode policy, > allowSimple - If a simple passcode containing just numbers or just letters > or combination is allowed. Setting this to "no" mean, a complex passcode is > required and of minimum of 1 complex character together with numbers or > alphabets characters. > minComplexChars - A complex character is a character other than an > alphanumeric value. Setting min complex chars restriction will not mean > that an alphabetic character is required. > requireAlphanumeric - Whether alphabetic characters are required or is it > enough to have numbers only. > > Regards, > Inosh > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- With Regards, *Rasika Perera* Senior Software Engineer LinkedIn: http://lk.linkedin.com/in/rasika90 <http://wso2.com/signature> WSO2 Inc. www.wso2.com lean.enterprise.middleware
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
