Work Profile Password Complexity affects Personal Space device password that unlocks the device : Intune

govi
Level 2.0: Eclair

Hi,

Personally owned devices with a work profile running on Android 12 and above devices today, we are over controlling their personal space by demanding complex password setup.

there are two passwords affected by this Password complexity setting in Intune :

  • The device password that unlocks the device
  • The work profile password that allows users to access the work profile

Even we choose medium complexity, user are getting a notification to change the device password to complex. this is not feasible for the BYOD scenario. Yes, i can understand security perspective avoid simple passcode, but policy shouldn't force for lengthy and complex passwords. how you configured this password complexity your environment ?.

7 REPLIES 7

Moombas
Level 4.1: Jelly Bean

Hi Govi, Why setting device password policy and not only work profile policy?

Then the user can set his own password for the device but the work part is still covered by your policy.

govi
Level 2.0: Eclair

Yes, our target is also the same. But Microsoft Intune doesn't allow this and explained here "https://learn.microsoft.com/en-us/mem/intune/configuration/device-restrictions-android-enterprise-pe... -> with Android 12 and above -> Choosing Password Complexity as Medium/High affects both the Device / Work password to meet the complexity requirements. i feel its overcontrolling the end users personal space when we activate with AE.

Moombas
Level 4.1: Jelly Bean

Hi govi, 

your link doesn't work for me.
The information i found is: https://learn.microsoft.com/en-us/mem/intune/protect/compliance-policy-create-android-for-work

And there's this:
"Newly enrolled Android Enterprise 12+ devices will automatically use the Password complexity setting with the High complexity. So if you don't want a High password complexity, then create a new policy for Android Enterprise 12+ devices and configure the Password complexity setting."

govi
Level 2.0: Eclair

sorry, but this the working link : https://learn.microsoft.com/en-us/mem/intune/configuration/device-restrictions-android-enterprise-pe... . Yes, even we reconfigured with Password Complexity as medium its demanding the Device level password change which we don't want. 

govi
Level 2.0: Eclair

any new suggestion or views for the above requirement ?. 

jeremy
Level 2.3: Gingerbread

If you believe this is not working as explained by the Intune documentation, you should raise a support ticket with the Intune support team they will be able to debug this and escalate if needed.

Sorry,

 

Jeremy

govi
Level 2.0: Eclair

thanks for your hint. Yes, we are doing that too and waiting for their update. here we posted to know more about expert view on this topic and reported issue pattern.