Hi Inosh, This is indeed a good approach to have a consistency in passcode policy regardless of the platform. Even though we maintain two separate policy wizards this will help to minimize the confusion of MDM administrators when pushing the same policy to both iOS and Android devices.
Anyhow, I would like if you can clarify on following areas which I'm not too clear. 1. 1. In Android normally new policies are being added with each release. For an example the Password Minimum Upper Case policy is only available with API level 11 (Honeycomb) and above. Therefore will this be an issue when we tried to create this consistency between iOS and Android passcord policies? We can perform a version checks in the application, yet couldn't this affect the consistency that we are going to create since an EMM server may have devices with different Android versions? 2. According to the combination table, let's assume that I have configured a passcord which is *1234a#* before a passcord policy is being enforced to the device. Once an administrator enforced a passcord policy which can be either *simple* or *alphanumeric, w*ill that affect my existing passcord which is *1234a#*? Is the passcord policy is minimal strength check or does it check for an exact match? So when we are determining whether the existing passcord satisfies the required policy what happens in a situation like I described above? 3. "*In iOS protocol, allow simple passcode means that the user is free to enter just a pin or any passcode. However with Android currently, it must be a alphanumeric value only.*" Can't we use PIN in Android now? 4. If Android does not allow numbers only or alphabetic characters only passwords could we have the option isSimple for both Android and iOS? Please note that I have referred to following references [1] https://developer.android.com/guide/topics/admin/device-admin.html [2] https://developer.apple.com/library/content/featuredarticles/iPhoneConfigurationProfileRef/Introduction/Introduction.html#//apple_ref/doc/uid/TP40010206-CH1-SW9 Thank you Best Regards, Madhawa On Wed, Jan 31, 2018 at 12:14 PM, Inosh Perera <[email protected]> wrote: > Hi Rasika, > > Please find the possible combinations and the minimum password needed > bellow, > isSimple isAlphanumeric isComplex Minimum sufficient password > y n n 1234 > y y n 1234a > y y y 1234a# > n y y 1234a# > n n y 1234# > y n y 1234# > n y n 1234#h > n n n 1234# > Regards, > Inosh > > > On Wed, Jan 31, 2018 at 11:51 AM, Charitha Goonetilleke < > [email protected]> wrote: > >> Hi Inosh, >> >> On Tue, Jan 30, 2018 at 3:33 PM, Inosh Perera <[email protected]> wrote: >> >>> Hi all, >>> >>> Currently the passcode policy of IoT server for Android and iOS >>> platforms seems to have followed 2 different approaches and this >>> inconsistency can lead to confusion for an EMM administrator. >>> >>> *Following are the inconsistencies,* >>> In iOS protocol, allow simple passcode means that the user is free to >>> enter just a pin or any passcode. However with Android currently, it must >>> be a alphanumeric value only. >>> Also in iOS disallow simple is equivalent to having at least one complex >>> characters regardless of the alphanumeric check. When alphanumeric is not >>> required and complex characters are set to 1, the user should be able to >>> add a password like "1234$" as the passcode and currently Android policy >>> does not support this behaviour and it ask for a minimum one alphabetic >>> character regardless of the state of alphanumeric checkbox. Therefore to >>> get rid of these inconsistencies, I suggest we should make the Android >>> passcode policy work similar to iOS. >>> >>> *Solution* >>> Therefore, as per iOS protocol, following would be the standard of the >>> passcode policy, >>> allowSimple - If a simple passcode containing just numbers or just >>> letters or combination is allowed. Setting this to "no" mean, a complex >>> passcode is required and of minimum of 1 complex character together with >>> numbers or alphabets characters. >>> minComplexChars - A complex character is a character other than an >>> alphanumeric value. Setting min complex chars restriction will not mean >>> that an alphabetic character is required. >>> requireAlphanumeric - Whether alphabetic characters are required or is >>> it enough to have numbers only. >>> >> >> +1, By doing so we can have same experience for pass code policy. Anyway >> with current design, we have clear separation with Android and iOS >> policies. So still we might have to keep those two policy wizards. >> >> >>> >>> Regards, >>> Inosh >>> >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> Thanks & regards, >> /charithag >> >> -- >> *Charitha Goonetilleke* >> Senior Software Engineer >> WSO2 Inc.; http://wso2.com >> lean.enterprise.middleware >> >> mobile: +94 77 751 3669 <%2B94777513669> >> Twitter:@CharithaWs <https://twitter.com/CharithaWs>, fb: charithag >> <https://www.facebook.com/charithag>, linkedin: charithag >> <http://www.linkedin.com/in/charithag> >> >> <http://wso2.com/signature> >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Inosh Perera > Senior Software Engineer, WSO2 Inc. > Tel: 077813 7285, 0785293686 > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Madhawa Perera | Software Engineer WSO2, Inc | lean. enterprise. middleware. #20, Palm Grove, Colombo 03, Sri Lanka Mobile: +94 (0)77 365 5496 | Work: +94 11 214 5345 Email: [email protected] | Web: www.wso2.com
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
