User

Complexity

Availability

Added in

TDM v1

Available in

Standard, Professional

Specifies the types of characters and length which must be used in a PIN or password.

Hint

On Android 12+, the High option requires either an 8 digit PIN or 6 character password

Options:

  • Unspecified (default)

  • Low (4 digits)

  • Medium (4 non-repeating, non-sequential digits)

  • High (8 non-repeating, non-sequential digits)

Equivalent Android Settings:

  • DevicePolicyManager.setPasswordComplexity

  • DevicePolicyManager.setPasswordQuality

  • DevicePolicyManager.setPasswordMinimumLength

Presets:

Preset

Value

Reference

DISA STIG

High

GOOG-12-006000, GOOG-12-006100

NCSC

High

Password Requirements

Xewli

High

Expiration

Availability

Added in

TDM v1

Available in

Standard, Professional

Specifies the time duration for which a password can be used before the user is required to change it.

Options:

  • None (default)

  • 1 month

  • 3 months

  • 6 months

  • 12 months

Equivalent Android Settings:

  • DevicePolicyManager.setPasswordExpirationTimeout

Presets:

Preset

Value

Reference

DISA STIG

None

(not specified - use system default)

NCSC

None

(not specified - use system default)

Xewli

None

Maximum failed attempts

Availability

Added in

TDM v1

Available in

Standard, Professional

Specifies if a device should be factory reset after too many consecutive incorrect device-unlock attempts, and if so, the number of failed attempts that will trigger the factory reset.

Hint

A factory reset cryptographically erases device encryption keys from disk, clears those keys from memory, reformats the user data partition, and then reboots.

Options:

  • None (default)

  • 5

  • 10

  • 25

  • 50

  • 100

Equivalent Android Settings:

  • DevicePolicyManager.setMaximumFailedPasswordsForWipe

Presets:

Preset

Value

Reference

DISA STIG

10

GOOG-11-000500

NCSC

None

(not specified - use system default)

Xewli

10

History restriction

Availability

Added in

TDM v1

Available in

Standard, Professional

Specifies the number of unique new passwords that must be used before an old password can be reused.

Options:

  • None (default)

  • 5

  • 10

  • 15

  • 20

Equivalent Android Settings:

  • DevicePolicyManager.setPasswordHistoryLength

Presets:

Preset

Value

Reference

DISA STIG

None

(not specified - use system default)

NCSC

None

(not specified - use system default)

Xewli

None