Swif's Mac Password Policy allows administrators to enforce password security standards for macOS devices within their organization. This guide details each policy setting and best practices for configuration.
Configuration Options
Allow Simple Passcode
Description: Permits the use of simple passcodes (e.g., repeating or sequential numbers).
Default Recommendation: Disabled for enhanced security.
Require Passcode on Device
Description: Enforces a passcode requirement on the device.
Default Recommendation: Enabled.
Maximum Grace Period for Device Lock
Description: Duration (in minutes) a device can remain unlocked without requiring re-authentication. When set to "0," authentication is required immediately after inactivity or when the device locks.
Recommendation: Short grace periods enhance security.
Maximum Number of Failed Attempts
Description: The number of consecutive failed login attempts permitted before the device initiates a security action (e.g., device lock or data wipe).
Range: 2 to 11 attempts.
Recommendation: Setting fewer allowed attempts increases security.
Maximum Auto-Lock
Description: Maximum minutes of inactivity allowed before the device automatically locks.
Range: 0 to 15 minutes.
Recommendation: Shorter durations enhance security.
Maximum Passcode Age
Description: The maximum number of days a passcode can remain unchanged.
Range: 3 to 730 days.
Recommendation: Regular changes improve security.
Minimum Number of Complex Characters
Description: Minimum number of complex (non-numeric, non-alphabetic) characters required in the passcode.
Range: 0 to 4 characters.
Recommendation: Higher values improve password complexity and security.
Minimum Passcode Length
Description: Minimum number of characters required in the passcode.
Range: 0 to 16 characters.
Recommendation: Longer passwords are more secure.
Delay After Failed Login Attempts
Description: Time (in minutes) the device waits after the maximum failed login attempts are reached before allowing another attempt.
Possible Values: Typically 0 minutes for immediate retry lockouts.
Recommendation: Adjust based on organizational security policy.
Passcode History
Description: Number of previous passcodes the device remembers, preventing reuse.
Range: 1 to 50 passcodes.
Recommendation: Higher values enhance password security.
Require Alphanumeric Value
Description: Requires passcodes to include both letters and numbers, enhancing complexity.
Recommendation: Enabled for stronger security.
Best Practices
Regularly review and update passcode policies to align with evolving security standards.
Enforce policies strictly across all macOS devices to ensure consistent security.
Troubleshooting & Support
If you encounter issues configuring or enforcing password policies, contact Swif Support for assistance.