Skip to main content

Apple Screen Saver Policy

Updated over a week ago

The Apple Screen Saver Policy allows IT administrators to configure and enforce screen saver settings on managed macOS devices. This helps maintain security, prevent unauthorized access, and ensure a consistent experience across all endpoints.

🧭 Overview

This policy controls how and when a screen saver activates on macOS devices, whether a password is required to unlock the screen, and which screen saver module is displayed.
It applies to macOS 10.11 and later.

⚙️ Settings and Options

1. Require Password to Unlock Screen

  • Description: Enforces password authentication when the screen saver is stopped or the system is unlocked.

  • Options:

    • True – Users must enter their password to unlock.

    • False – Screen can be unlocked without a password.

  • Requirement: macOS 10.13+

2. Require Password Delay

  • Description: Sets a delay (in seconds) before the password requirement activates after the screen saver starts.

  • Example:

    • 0 – Require password immediately.

    • 300 – Require password after 5 minutes.

  • Note, on macOS Lock Screen – “Never Require Password” Configuration (Important Explanation)

    When configuring macOS lock screen behavior through Swif, you may want the device to effectively never prompt for a password after the screen saver starts or the display turns off.

    On macOS, this behavior is controlled by two settings:

    1. Require Password to Unlock Screen

    2. Require Password Delay (seconds)

  • How to Configure “Never Require Password”

    To simulate “Never require password,” configure:

    • Require Password to Unlock Screen: True

    • Require Password Delay: Set to the maximum allowed value (e.g., 2147483647 seconds)

  • Why “Require Password” Must Be Set to True

    This may seem counterintuitive.

    macOS requires the password enforcement mechanism to be enabled in order to apply a delay value. If Require Password is set to False, macOS may:

    • Ignore the delay value

    • Revert to system defaults

    • Display inconsistent behavior in System Settings

    By setting:

    • Require Password = True

    • Delay = Maximum Value

    You are effectively telling macOS:

    Require a password — but only after an extremely long delay (many years).

    This results in the practical behavior of never prompting for a password after the screen saver or display sleep.

  • Example Delay Values

Delay Value (seconds)

Behavior

0

Require a password immediately

300

Require a password after 5 minutes

2147483647

Effectively never require a password

3. Screensaver Path

  • Description: The full POSIX file path to the .saver bundle used as the screen saver.

  • Default macOS locations:

    • /System/Library/Screen Savers/ (built-in)

    • /Library/Screen Savers/ (custom company-wide modules)

Sample Values:

Example

Description

/System/Library/Screen Savers/Flurry.saver

Built-in macOS "Flurry" screen saver

/System/Library/Screen Savers/Message.saver

Built-in "Message" screen saver

/Library/Screen Savers/Aerial.saver

Custom Aerial screen saver deployed via MDM

4. Login Window Screensaver Idle Time

  • Description: The duration (in seconds) of inactivity at the login window before the screen saver starts.

  • Example:

    • 600 = 10 minutes

    • 0 = Never activates

5. Screensaver Idle Time

  • Description: Duration (in seconds) of inactivity before the screen saver starts for logged-in users.

  • Example:

    • 900 = 15 minutes

    • 300 = 5 minutes

6. Screensaver Module Name

  • Description: The display name of the screen saver module (without the .saver extension).

  • Requirement: Must match the module name defined in the .saver bundle.

  • If not specified: macOS defaults to the Flurry module.

Sample Values:

Example

Description

Flurry

Built-in macOS module

Message

Displays a custom message

Aerial

Uses the popular Aerial video screen saver

🧩 Example Configuration

Setting

Sample Value

Require Password to Unlock

True

Require Password Delay

0

Screensaver Path

/System/Library/Screen Savers/Flurry.saver

Login Window Screensaver Idle Time

600

Screensaver Idle Time

900

Screensaver Module Name

Flurry

This configuration enforces the Flurry screen saver after 15 minutes of inactivity and requires a password immediately upon wake.

✅ Best Practices

  • Use built-in screen savers (e.g., Flurry, Message) to ensure compatibility with all macOS versions.

  • For custom screen savers (like Aerial), deploy the .saver bundle to /Library/Screen Savers/ before applying this policy.

  • Set the Require Password option to True to comply with most security frameworks (e.g., SOC 2, ISO 27001).

Last updated: November 2025
​Applies to: macOS 10.11+

Related Articles
BYOD per compliance requirement
Apple Password Policy
Linux Screen Saver Policy
Apple Energy Saver Policy
Linux Policy Cleanup After Unenrollment or Policy Deletion
Did this answer your question?