Mobile Device Management - Ensure That Mobile Devices Require a Minimum Password Length To Prevent Brute Force Attacks

 








Summary

Users should use a minimum password length of at least six characters to unlock their mobile devices. 

Reason

Devices without this protection are generally vulnerable to being accessed physically by attackers who can then steal account credentials, data, or install malware on the device. 

What If?

This setting cause a potentially high user impact depending on the willingness and awareness of the end-user.  

How to?

To set mobile device management profiles, use the Microsoft 365 Admin Center:
  1. Under Admin Centers pick Endpoint Management.
  2. Select Devices and then under Policy select Configuration profiles
  3. Select Create Profile
  4. Set a Name for the policy, choose the appropriate Platform and select Device restrictions.
  5. In the Password section, make sure that Minimum password length is set to 6.  

Monitor:

To verify mobile device management profiles, use the Microsoft 365 Admin Center:
  1. Under Admin Centers pick Endpoint Management.
  2. Select Devices and then under Policy select Configuration profiles
  3. Review the list of profiles. Ensure that a profile exists for each Platform.
  4. Review the Password section under Device restrictions and verify Minimum password length is set to 6.  


























Comments

Popular posts from this blog

Deployment (Part 3)

Deployment (Part 1)

Project Resourcing (Part 2)