The Android Password Policy in Swif is used to define and enforce password requirements on Android devices and work profiles. It helps ensure that employee devices meet your organization’s security standards by controlling password strength, complexity, and rotation.

Applies to: Company-owned and BYOD Android devices
Minimum OS: Android 9+

What this policy does

This policy lets you:

Require passwords (instead of no lock screen)
Control how complex passwords must be (length, letters, numbers, symbols)
Decide whether requirements apply to the entire device or just the work profile
Lock out weak passwords by enforcing minimum complexity
Configure how often passwords expire
Optionally wipe a device after too many failed unlock attempts

You can use it for:

Company-owned fully managed Android devices
BYOD devices where Swif manages a work profile (separate business container)

Key settings

1. Password Requirements

Display Name: Password Requirements
Description: Configure password policies to enhance device security.
Applies to: Android 9+

This section is a group of options that control the rules for the device or work profile password.

Maximum Failed Passwords For Wipe

Display Name: Maximum Failed Passwords For Wipe
What it does:
Sets how many incorrect unlock attempts are allowed before the device is wiped.
Behavior:
- 0 = No wipe triggered (no limit enforced by this rule)
- > 0 = After this many failed attempts, the device is automatically wiped
Recommended use cases:
- High-security environments: small number (e.g., 10)
- Standard environments: may leave at 0 or higher number, depending on risk tolerance
Default in Swif: 0
Minimum allowed value: 0

Password History Length

Display Name: Password History Length
What it does:
Prevents users from reusing their most recent passwords.
Behavior:
- 0 = No history restriction (users can reuse any previous password)
- > 0 = User cannot set a new password that matches any of the last N passwords
Example:
- Set to 5: the last 5 passwords cannot be reused.
Default in Swif: 0
Minimum allowed value: 0

Password Minimum Length

Display Name: Password Minimum Length
What it does:
Sets the minimum number of characters required for the password.
Behavior:
- 0 = No minimum length enforced by this rule
- > 0 = Password must be at least this many characters
Important:
This rule is only enforced when Password Quality is one of:
- NUMERIC
- NUMERIC_COMPLEX
- ALPHABETIC
- ALPHANUMERIC
- COMPLEX
Typical recommendations:
- 6–8 characters for very basic protection (not recommended for corporate data)
- 10–12+ characters for stronger security
Default in Swif: 0
Minimum allowed value: 0

Password Minimum Letters

Display Name: Password Minimum Letters
What it does:
Requires at least a certain number of letters (A–Z, a–z) in the password.
Behavior:
- Only enforced when Password Quality is set to COMPLEX
- 0 = No letter count requirement
- > 0 = Password must include at least this many letters
Use case:
Ensure passwords aren’t just numbers or symbols when using complex passwords.
Default in Swif: 0
Minimum allowed value: 0

Password Minimum Lower Case

Display Name: Password Minimum Lower Case
What it does:
Requires at least a certain number of lowercase letters (a–z).
Behavior:
- Only enforced when Password Quality is COMPLEX
- 0 = No lowercase requirement
- > 0 = Must contain at least this many lowercase letters
Security tip:
Combine with a requirement for uppercase letters and numbers for stronger complexity.
Default in Swif: 0
Minimum allowed value: 0

Password Minimum Non-Letter

Display Name: Password Minimum Non-Letter
What it does:
Requires at least a certain number of non-letter characters (numbers or symbols).
Behavior:
- Only enforced when Password Quality is COMPLEX
- 0 = No non-letter requirement
- > 0 = Must contain at least this many numbers or symbols
Example:
Set to 2: a password like SecurePass!2 satisfies the requirement (contains at least 2 non-letter characters: ! and 2).
Default in Swif: 0
Minimum allowed value: 0

Password Minimum Numeric

Display Name: Password Minimum Numeric
What it does:
Requires at least a certain number of digits (0–9).
Behavior:
- Only enforced when Password Quality is COMPLEX
- 0 = No digit requirement
- > 0 = Must contain at least this many digits
Default in Swif: 0
Minimum allowed value: 0

Password Minimum Symbols

Display Name: Password Minimum Symbols
What it does:
Requires at least a certain number of symbols (such as ! @ # $ %).
Behavior:
- Only enforced when Password Quality is COMPLEX
- 0 = No symbol requirement
- > 0 = Must contain at least this many symbols
Default in Swif: 0
Minimum allowed value: 0

Password Minimum Upper Case

Display Name: Password Minimum Upper Case
What it does:
Requires at least a certain number of uppercase letters (A–Z).
Behavior:
- Only enforced when Password Quality is COMPLEX
- 0 = No uppercase requirement
- > 0 = Must contain at least this many uppercase letters
Default in Swif: 0
Minimum allowed value: 0

Password Quality

Display Name: Password Quality
What it does:
Defines the overall strength level and type of password required. Higher quality levels impose stricter rules on how passwords are built.
Options:
- (empty / unspecified) – No explicit requirement set
- PASSWORD_QUALITY_UNSPECIFIED – Same as no explicit quality requirement
- BIOMETRIC_WEAK – Allows weak screen lock backed by biometric (e.g. fingerprint, face) where supported
- SOMETHING – Generic “something” to unlock (pattern, PIN, or password)
- NUMERIC – PIN-only (numbers)
- NUMERIC_COMPLEX – Stronger numeric-only passwords (e.g. no repeated or simple sequences)
- ALPHABETIC – Letters only
- ALPHANUMERIC – Letters and numbers
- COMPLEX – Strongest traditional password requirement with letters, numbers, and optional symbols
- COMPLEXITY_LOW – System-driven low complexity level
- COMPLEXITY_MEDIUM – System-driven medium complexity level
- COMPLEXITY_HIGH – System-driven high complexity level
How it interacts with other settings:
- Password Minimum Length is enforced when set to NUMERIC, NUMERIC_COMPLEX, ALPHABETIC, ALPHANUMERIC, or COMPLEX.
- The “minimum letters / numbers / symbols / upper- / lower-case” settings are enforced when set to COMPLEX.

Typical guidance:

BYOD / lighter protection:
- Use ALPHANUMERIC or NUMERIC_COMPLEX plus a reasonable minimum length.
High-security / regulated:
- Use COMPLEX or COMPLEXITY_MEDIUM/HIGH, combined with length and minimum-character rules.

Password Scope

Display Name: Password Scope
What it does:
Controls where the password rules apply:
Options:
- (empty / unspecified) – No explicit scope set
- SCOPE_UNSPECIFIED – Same as unspecified
- SCOPE_DEVICE – Applies to the entire device
- SCOPE_PROFILE – Applies only to the work profile (Android Work Profile / BYOD)
Use cases:
- Company-owned devices: typically use SCOPE_DEVICE so the full device meets company standards.
- Employee-owned (BYOD): usually use SCOPE_PROFILE to enforce security only on the corporate work profile without changing personal device settings.

2. Password Expiration Timeout (Days)

Display Name: Password Expiration Timeout (Days)
What it does:
Sets how many days a password can be used before the user must change it.
Behavior:
- 0 = Password does not expire
- 1–365 = Password expires after this many days; user is required to set a new one
Examples:
- 90 days: common rotation period for many companies
- 30 days: stricter rotation for higher security environments
Default in Swif: 0 (no expiration)
Minimum value: 0
Maximum value: 365
Applies to: Android 9+

3. Minimum Password Complexity

Display Name: Minimum Password Complexity
What it does:
Defines a numeric strength score for passwords from 0 to 100. Higher values require stronger passwords (longer and more diverse characters).
Behavior:
- 0 = Allow any password strength (no extra complexity requirement)
- 1–100 = Increasingly strong passwords required
  - Higher scores normally translate into:
    Longer minimum length
    More character variety (letters, numbers, symbols)
    Less predictable patterns
Recommendation:
- 60 is recommended as a strong default for most organizations.
Default in Swif: 60
Allowed range: 0 to 100
Applies to: Android 9+

Platform and ownership support

Supported platforms:
- Android (Android 9+)
Supported ownership types:
- Company-owned devices
- BYOD (work profile)

This means you can consistently apply password standards across both fully managed and personally owned Android devices where Swif is managing corporate data.

Best-practice examples

Example 1: Company-owned device, strong security

Password Minimum Length: 10
Password Quality: COMPLEX
Password Minimum Upper Case: 1
Password Minimum Lower Case: 1
Password Minimum Numeric: 1
Password Minimum Symbols: 1
Password History Length: 5
Password Expiration Timeout (Days): 90
Minimum Password Complexity: 70
Password Scope: SCOPE_DEVICE

Example 2: BYOD with work profile, balanced security

Password Minimum Length: 8
Password Quality: ALPHANUMERIC or NUMERIC_COMPLEX
Password History Length: 3
Password Expiration Timeout (Days): 180
Minimum Password Complexity: 60
Password Scope: SCOPE_PROFILE

Where to find this in Swif

You’ll find the Android Password Policy under your Android/Device management policies in the Swif admin console. Once configured and assigned to the right device groups or users, Swif will enforce these rules the next time devices sync.

How to Reset a Device Password

Apple Password Policy

Windows Password Policy

Android-Specific MDM Policies Available in Swif.ai

Windows PIN Policy