14 DAY FREE TRIAL

No Search Results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. Managing ChromeOS Devices
  3. Passcode

Category filter

Enforce password policy on ChromeOS devices enrolled in Hexnode

Jump To

Keeping your organization’s data secure begins with strong password practices. With Hexnode UEM, you can easily configure and enforce password rules on ChromeOS devices. This ensures that all devices within the organization follow the defined security standards, strengthening overall compliance. This guide will walk you through the process of configuring and applying a password policy for ChromeOS devices.

Configuring password policy for ChromeOS

To configure password policy for ChromeOS devices:

  1. Login to your Hexnode UEM portal.
  2. Navigate to the Policies tab.
  3. Click New Policy to create a new one or select an existing policy to edit.
  4. Enter the Policy name and Description (optional) in the corresponding fields.
  5. Go to ChromeOS > Passcode and click Configure.
  6. Set the required password settings:
    1. Show the Display Password button from the login screen: Select this option to display an eye icon in the password field on the login screen. Clicking the icon reveals the entered password, helping users confirm they’ve typed it correctly.
    2. Allow Smart Lock (supported on ChromeOS 38+): When enabled, users can unlock their Chromebook using a nearby Android phone without needing to enter a password or PIN. The Android phone must be a trusted device and connected through the ChromeOS device settings.
    3. Quick unlock method (supported on ChromeOS 87+): Quick unlock lets users unlock their ChromeOS device faster using a PIN or fingerprint after they’ve signed in with their password. It doesn’t replace the main login method but makes it easier to unlock the device during an active session. The available options are:
      1. None: If set to None or left unset, only the main password can be used to unlock the device.
      2. Pin only: Allows users to unlock the device with a PIN after the initial sign-in.
      3. Fingerprint only: Allows users to unlock the device with fingerprint after the initial sign-in.
      4. PIN and Fingerprint: Enables both PIN and fingerprint as quick unlock options after the user has signed in.
    4. PIN auto-submit (supported on ChromeOS 86+): When this feature is enabled, the device automatically unlocks as soon as you enter the last digit of your PIN or authenticate with your fingerprint. There is no need to press the Enter button. It supports PINs between 6 and 12 digits and is available only when the Quick unlock method is set to either PIN only or PIN and Fingerprint.

      5. Options to configure password policy for ChromeOS devices

Associating password policy with devices

Policies cannot be associated with ChromeOS devices directly; they can only be associated via Organizational Units (OUs).

You have two ways to apply the policy:

  • Parent OU assignment: Applying a policy to a parent OU instantly enforces it on every device within that OU and all of its nested child OUs. This is ideal when you want every enrolled ChromeOS device to adhere to the same password settings.

    • Or

  • Child OU assignment: Assigning a policy directly to specific child OUs lets you target specific teams, departments, or functional groups without impacting unwanted devices.
  1. If the policy is not yet saved:
    1. Navigate to Policy Targets > Domains/OUs.
    2. Click on +Add Domain/OUs.
    3. From the list, select the Google Workspace account integrated with your Hexnode UEM portal, which can be identified by the “(Google)” tag.
    4. Click the dropdown next to the parent OU (briefcase icon) to expand and view its child OUs.
    5. Select the required child OUs, or the parent OU itself depending on your requirement, and click OK.
    6. Then click Save.
  2. If the policy is already saved:
    1. Navigate to the Policies tab and select the desired policy.
    2. Click Manage > Associate Targets > Domain/OUs.
    3. From the list, select the Google Workspace account integrated with your Hexnode UEM portal, which can be identified by the “(Google)” tag.
    4. Click the dropdown next to the parent OU (briefcase icon) to expand and view its child OUs.
    5. Select the required child OUs, or the parent OU itself depending on your requirement, and click Associate.

What happens at the device end?

Once the policy is associated and saved, it will take effect on the device following a restart or user account sign-out.

Need more help?
Raise a Ticket Raise a Ticket
Ask Community Ask Community
Chat With us Chat With us
  • Managing ChromeOS Devices