Last updated: Nov 02, 2020 17:25
By Nate Stuyvesant
Avoiding unintended passcode locking
Devices tied to a Mobile Device Management (MDM) solution like AirWatch, MobileIron, and XenMobile engage the passcode lock and then you can't use the device. This happens if a device is opened by an end-user and left idle until the lockout period for the MDM is reached. Perhaps you were getting coffee? Whatever the reason, once the passcode lock is engaged on iOS, the only option is for someone in the data center to go to the rack, pick up your device and enter the passcode manually.
Why is this a limitation?
Apple has very strong security and even law enforcement isn't happy about how hard it is to break into a mobile device if there's a passcode lock.
The best solution is to not use an MDM for testing devices. If that is not an option, the second best approach is to create a test profile that does not trigger device locking. Still not an option? Then set the passcode lock timeout in the MDM to the maximum time interval. This will reduce the likelihood of the passcode lock engaging. (Setting it to "immediately" will cause operational issues when opening the device.)
If you know that you will not be interacting with a device before the passcode lock period expires, simply close it. When devices are not left open and idle, the passcode lock will not engage.
Additionally, Perfecto Mobile Support can configure your cloud to automatically close idle sessions with devices with a time interval that would be less than the interval for the passcode lock set by your MDM. This can prevent accidental locking due to a distraction such as a phone call.
Perfecto is not responsible for installing, configuring or maintenance of any customer MDM or customer installed certificate(s).
Still have questions?
Please let your Customer Success Manager know if you have any additional questions.