Historically, Google releases a new Android version every year in late Q3/early Q4, and mandates that by mid-Q4, apps uploaded to the Play Store “target,” or are optimized to run on, the previous yea...
Updated Dec 19, 2023
Version 9.0
Blog Post
Would you be able to provide some clarification on the information around the new password complexity options for BYOD Android 12+ detailed here: https://learn.microsoft.com/en-us/mem/intune/protect/compliance-policy-create-android-for-work#android-12-and-later---for-personally-owned-work-profile. Specifically when the high password complexity will automatically apply to devices if the password complexity is not set in the policy. The documentation says newly enrolled BYOD Android 12+ devices will default to a complexity of high if the password complexity is not set on the policy used to manage these devices. The documentation also states that for any devices that are already enrolled/managed with a policy that uses the 'Required password type' and 'Minimum password length' those devices will continue to use these settings and will not be affected by the new password complexity options. However, this section of the documentation goes on to say that: "If you change an existing policy with the Required password type setting that's already configured, then Android Enterprise 12+ devices will automatically use the Password complexity setting with the High complexity."
Is this "change" referring to a change in the policy settings only or does this also include changes to the assignment of the policy? Meaning, can I adjust the scope of an exiting policy using the Required password type setting without devices in that policy automatically using the High password complexity?
The use case is I must use the high password complexity in order to meet my organization set minimum requirements, but I don't want to subject all currently managed devices with the required password type setting to a more complex password policy immediately. My goal is to test the device behavior of a BYOD Android 12+ device that is currently managed with the required password type setting when it's scoped to a new policy with the password complexity of high. I will do this by assigning a second policy with the password complexity set, and excluding the same device from the existing policy that I use to manage all BYOD Android devices and does not have a password complexity set. Will this exclusion made to the assignment of the existing policy cause all of my Android 12+ devices to automatically use the high password complexity?