Category Filter

How to configure device passwords on Android devices remotely?

Enforcing device passwords is the standard method of protecting organizational data across the endpoints. The Password policy helps you set up the minimum password requirements so that the user configures a password that meets your business compliance criteria. Hence, the devices that do not fulfill these password specifications will be recognized as ‘Non-Compliant’. But, rather than mandating password set up, the administrator is not assured if the user has configured a password or skipped the password setting on the device. And, there are times an organization might want to modify or set the password on its devices directly instead of stipulating the user to configure a strong device password. The Set Password action is yet another security enhancement on Android that enables you to set up the device/work profile password remotely from the Hexnode console. No matter whether you have associated a password policy with the device, this feature enables you to put a password in place over the air. It helps you ensure that the user does not leave the device unsecured without a strong password.

Notes:

  • The Hexnode MDM/Hexnode for Work apps must be updated to their latest versions.
  • To set up a password on Android 7+ devices, they should be enrolled in the Android Enterprise program. Also, you need to activate the password token from the Hexnode for Work app for the action to work.
    Activating the password token for Android Enterprise devices from the Hexnode for Work app

Set password on the device from the Hexnode console

  1. Log in to the Hexnode console.
  2. Navigate to Manage > Devices.
  3. Choose the device.
  4. Go to Actions > Set Password.
  5. Enter the password to be set up on the device.
    Notes:

    • The minimum password character length is 4.
    • Avoid passwords ending or beginning with space. Leading and trailing spaces, if any, get truncated.
    • Only the standard ASCII characters (ASCII code 32-127) are supported.

  6. Verify the password and click on Confirm.

Best practices to set up a password

Since a password is the access key to a device, you must set up a convenient yet hard-to-hack password on each endpoint. Here are some suggestions that will help you create a secure password.

  • Use a different password for each device: Though it is possible to execute the action across numerous endpoints simultaneously, it is not advised. Performing it separately on every device helps you enforce a different password on each endpoint. Thus, even when an intruder compromises the password of any device, other devices are safe.
  • Choose a password of considerable length: The longer the password, the lesser it is susceptible to attacks. Hence, select a password with significant length.
  • Increase character complexity: It is often suggested that a password should include all types of characters – numeric, alphanumeric and special characters. An increase in character complexity ensures that the device is protected from password guesstimates.

What happens at the device end?

The device gets configured with the password specified once the action is executed.

  • On devices that do not have a password, the lock screen pops up on the device for unlocking as the user tries to access the device.
  • If the device already has a password set up on the device, it is updated with the given password.

enter the new password on the device lock screen

The user can access the device only after specifying the new password, not the old one.

Executing the Set Password action on devices enrolled in Android Enterprise – Profile Owner mode configures the work profile password. To gain access to the work apps, the user must enter the configured work profile password when the device prompts the work password.

Notes:


When you enforce the Set Password action on a device, it is recommended to notify the device user regarding the password change. Otherwise, the user will be denied access to the device while they specify the old, incorrect password.