10-Digit PIN for the iPhone
I recently got asked what I thought of the iPhone in a medium corporate environment. While that is a great topic for discussion (another day) I did stumble across an Apple utility that allows you to do a few nifty things on the iPhone.
Recently mobile phones have been playing a larger and larger role in our lives; it’s not just a phone anymore, but also a small form PDA, calendar, stock console, newspaper, IM client, password vault, etc. The list goes on. Keeping all this data safe is an often overlooked task; and the iPhone comes with a 4-digit passcode which will lock your phone should it fall into the wrong hands. Additionally, you can remotely wipe your phone, or set it to automatically wipe after 10 failed attempts. 10 attempts out of 1000 seem like pretty reasonable odds; and Apple realised that.
Enter the iPhone configuration utility; available for both Windows and OsX. Download and install it, then create a new profile. Fill out the usual identifying questions, and under the passcode section, you can configure various criteria for a passcode.
While there are lots of really useful options, some which would be ideal in a corporate environment – there is no way to send these in bulk, over the air, to multiple iPhones. So, if you manage a large number of units, this will get tedious. Again, this is a conversation or another day though.
Once you’ve set the criteria (length, expiration, auto-locking, password re-use, failed attempt count, etc) you’re ready to go. If you are looking at managing iPhones in a corporate environment, there are a large number of further options – like defaults for VPNs, wireless access, LDAP, Exchange, etc.
If you wish to deploy this to a large number of iPhones, the easiest way it to sign the configuration and email it to yourself. Forward the email (or rather, the attachment) to a set of accounts that can access their email from the iPhone and install the profile from the phone. While not automated, very prone to user failure, without a way to confirm the user did open it, and likely to push your users closer to a phisher – in a controlled environment this can be successfully used to deploy to multiple iPhones.
Tags: Apple, iPhone, passcode, PDA, Security
Tuesday, May 18th, 2010 at 10:38 am • General • RSS 2.0 feed • leave a response or trackback
