Forum Discussion
Is there a way to force users to reset passcode without admin needing to give a temporary password.
- 2 years ago
Okay thank you. We will go ahead with the following approach.
1. Set Password Policy
2. Set Policy enforcement rule for `passwordRequirement` with blockAction set to 0 days.3. Send Reset password command with empty/static password which is not compliant with passwordRequirement.
That should block the user until they reset password.
Yes I have tried this and it works. The concern is that, in the period between when the password is wiped and legit user gets the chance to set a new password, any one who gets access to the device will be able to unlock witout password and set their own password.
You can solve for this with appropriate communication with the affected users, and back the password policy up with a compliance action that blocks access to work data until a password is re-set, preventing users from working with corp data until they set a password. That should spur them on and encourage them to not leave password unset long enough to have the device taken from them by a bad actor.
Related Content
- 5 months ago