Apply password settings for mobile devices

As an administrator, you can protect data by making sure that managed devices have a screen lock or password. With advanced management, you can enforce stronger passwords that have minimum requirements and make sure that users reset their password regularly. 

Before you begin

  • If you use basic management, users with Android 5.1.1 Lollipop and earlier devices need to install the Google Apps Device Policy app. Passwords are not enforced on Apple® iOS® 7 and earlier devices. 
  • Users receive a notification if they fall out of compliance with your password requirements. 
  • If users don’t comply with your password requirements within 24 hours, they won’t be able to access your company data until they set a password that meets the requirements.

Apply password settings

Step 1: Require a screen lock or password
  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Devices.

    To see Devices, you might have to click More controls at the bottom.

  3. Click Password settings
  4. Check the Require users to set a password box.
  5. (Optional) On the left, select the organizational unit to which you want to apply the settings.
  6. Next to Password strength, select Basic (Any screenlock)
  7. (Optional) If you use basic mobile device management and want to require passwords on devices earlier than Android 6.0 Marshmallow:
    1. Check the Require users of pre-Android 6.0 (Marshmallow) devices to set a password box.
    2. Click Require Password.
      Users of those devices are prompted to install a device policy app.
  8. Click Save.
Step 2: (Recommended) Set advanced password requirements
Advanced management only
  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Devices.

    To see Devices, you might have to click More controls at the bottom.

  3. Click Password settings
  4. Check the Require users to set a password box.
  5. (Optional) On the left, select the organizational unit to which you want to apply the settings.
  6. Choose a password strength:
    • Standard—Requires a PIN or password. Screen lock patterns are not accepted. A password can contain any characters in any order.
    • Strong—Requires at least one character, number, and symbol. (Not supported on Windows® Phone 7 and 7.5 devices.)
  7. (Optional) If you selected Strong, you can:
    1. Check the Apply custom advanced Android password strength settings box. 
    2. Select options for letters, numbers, and special characters in passwords. 
  8. Next to Minimum number of characters, enter a minimum password length.  
    Strong passwords should have 3 or more characters.
  9. (Optional) To prompt users to reset their password regularly, check the Number of days before password expires box and enter the number. 
    (Supported on Android 3.0 Honeycomb and later devices.)
  10. (Optional) To prevent the reuse of expired passwords:
    1. Check the Number of expired passwords that are blocked box. 
    2. Enter the number of previous passwords that can’t be used again. 
      For example, enter 2 to block the user from reusing their last 2 device passwords.
      (Supported on Android 3.0 and later devices.)
  11. To lock the device screen after a set time, select a number of minutes from the Automatically lock the device after menu. 
    For Apple® iPhone® devices, the limit is 5 minutes. For iPad® devices, the limit is 15 minutes.
  12. (Optional—Use with caution) To automatically wipe a device when a user enters an incorrect password:
    1. Check the Number of failed password attempts before device is wiped box.
    2. Enter a number.
      For example, if you enter 5, then 4 failed attempts are allowed. After the fifth, the device is wiped, which resets it to factory settings.
  13. Click Save.

Related topics

Was this helpful?
How can we improve it?