Reputation: 486
How does android do Password Validation?
I have added a password policy with the following requirements for an android device.
- Minimum Password Length - 4
- Maximum failed password attempts - 3
Then I created a password with four characters.
Expected behaviour in this scenario is that the device wipes data (Factory Reset) after three failed attempts to log in.
This behaviour is correctly observed when I try to log in and fail three times with a password which has a passwordLength >= 4; but when the passwordLenth < 4 The device doesn't wipe after three failed attempts.
Is this the intended behaviour of android?
Upvotes: 3
Views: 280
Answers (1)
Reputation: 1261
This is the expected behaviour of Android. Since the minimum length of a password is set to 4, entries less than 4 characters will not be considered as threats since they are not registered as valid password entries.
But if the entry contains more than 4 characters, this will be considered as a valid password and processed because this can be a risk as user can enter different entries and try to crack the password.
So the company reset/ wipe data triggers only when a user enters 3 or more valid password entries.
Upvotes: 2
Related Questions
- How to validate Password Field in android?
- how to check password and confirm password in field in android?
- Which app controls Yes/No Authentication in Android?
- how to implement Password Validation in android
- Password validation confirmation in android
- How Android Password manager App works?
- User Authentification on Android - Security Implementation
- Does Android have a function to validate passwords?
- How to check the device has set password or not in android?
- Authentication mechanism in Android?