Android entreprise - Disable One Lock password
It seems that by default on android entreprise when you ask for a password on the work profile only, android choose to have the same password on both personnal and work profile.. It is called the One Lock option.
Would it be possible to disable this option ?

7 comments
-
Anonymous commented
Other MDM solutions does not automatically turn on "One Lock", hence overall better user experience, especially if the user forgets the new passcode but still remember their simple Device passcode.
-
Jtomren commented
In addition if you set the following setting for work profile "Number of sign-in failures before wiping the work profile" you are wiping the personal space to if the device is set with "one lock password".
-
bjoern commented
It is even better, in Intune you can configure the correct compliance / config. profiles, using a different password policy for system and workprofile password, but Samsung Knox devices are ignoring this. The option "One Lock" will be set without asking or the possibility to configure it in Intune. So I can configure it correctly in Intune, but for my users only the workprofile password will be set for all. The only way to change this, the user has to manually change this "one lock" feature under the work profile, change the workprofile PW again, and afterwards setting for example the system PIN as unlock method.
So, if I plan a freh roll out, where the users can unlock with a PIN the phone and with a password the workprofile, to all my employees with a work phone / work profile (about 100), it is not possible without a manually task from the user. All my users had to disable the "one lock", setting a password, changing the unlock method, setting a system PIN and adition make no mistakes. And THIS for a feature which I configures correctly / automatically.
This cant be your intention? I can configure different password policies, but I cant roll out them without adding a manualy task from my users?
Please give us the possibility to change the "one lock" feature! Otherwise your MDM solution is worthless, and I have to use the Vodafone / Veam product, where this is not an issue.
-
John commented
This was available previously but has somehow been deprecated. Very important for our Org
-
Anonymous commented
This would be a nice addition to the capabilities list, for sure.
-
Anonymous commented
Would be nice to add the possibility to have two different password enabled from android 9.0.
-
Anonymous commented
Would love to see this on the device restrictions list. Best, Chris Hoard