PasswordRequirements

JSON representation
PasswordQuality
RequirePasswordUnlock
UnifiedLockSettings

Requirements for the password used to unlock a device.

JSON representation

JSON representation
{ "passwordMinimumLength": integer, "passwordMinimumLetters": integer, "passwordMinimumLowerCase": integer, "passwordMinimumNonLetter": integer, "passwordMinimumNumeric": integer, "passwordMinimumSymbols": integer, "passwordMinimumUpperCase": integer, "passwordQuality": enum (`PasswordQuality`), "passwordHistoryLength": integer, "maximumFailedPasswordsForWipe": integer, "passwordExpirationTimeout": string, "passwordScope": enum (`PasswordPolicyScope`), "requirePasswordUnlock": enum (`RequirePasswordUnlock`), "unifiedLockSettings": enum (`UnifiedLockSettings`) }

{
  "passwordMinimumLength": integer,
  "passwordMinimumLetters": integer,
  "passwordMinimumLowerCase": integer,
  "passwordMinimumNonLetter": integer,
  "passwordMinimumNumeric": integer,
  "passwordMinimumSymbols": integer,
  "passwordMinimumUpperCase": integer,
  "passwordQuality": enum (PasswordQuality),
  "passwordHistoryLength": integer,
  "maximumFailedPasswordsForWipe": integer,
  "passwordExpirationTimeout": string,
  "passwordScope": enum (PasswordPolicyScope),
  "requirePasswordUnlock": enum (RequirePasswordUnlock),
  "unifiedLockSettings": enum (UnifiedLockSettings)
}

Fields
`passwordMinimumLength`	`integer` The minimum allowed password length. A value of 0 means there is no restriction. Only enforced when `passwordQuality` is `NUMERIC`, `NUMERIC_COMPLEX`, `ALPHABETIC`, `ALPHANUMERIC`, or `COMPLEX`.
`passwordMinimumLetters`	`integer` Minimum number of letters required in the password. Only enforced when `passwordQuality` is `COMPLEX`.
`passwordMinimumLowerCase`	`integer` Minimum number of lower case letters required in the password. Only enforced when `passwordQuality` is `COMPLEX`.
`passwordMinimumNonLetter`	`integer` Minimum number of non-letter characters (numerical digits or symbols) required in the password. Only enforced when `passwordQuality` is `COMPLEX`.
`passwordMinimumNumeric`	`integer` Minimum number of numerical digits required in the password. Only enforced when `passwordQuality` is `COMPLEX`.
`passwordMinimumSymbols`	`integer` Minimum number of symbols required in the password. Only enforced when `passwordQuality` is `COMPLEX`.
`passwordMinimumUpperCase`	`integer` Minimum number of upper case letters required in the password. Only enforced when `passwordQuality` is `COMPLEX`.
`passwordQuality`	`enum (PasswordQuality)` The required password quality.
`passwordHistoryLength`	`integer` The length of the password history. After setting this field, the user won't be able to enter a new password that is the same as any password in the history. A value of 0 means there is no restriction.
`maximumFailedPasswordsForWipe`	`integer` Number of incorrect device-unlock passwords that can be entered before a device is wiped. A value of 0 means there is no restriction.
`passwordExpirationTimeout`	`string (Duration format)` Password expiration timeout. A duration in seconds with up to nine fractional digits, ending with '`s`'. Example: `"3.5s"`.
`passwordScope`	`enum (PasswordPolicyScope)` The scope that the password requirement applies to.
`requirePasswordUnlock`	`enum (RequirePasswordUnlock)` The length of time after a device or work profile is unlocked using a strong form of authentication (password, PIN, pattern) that it can be unlocked using any other authentication method (e.g. fingerprint, trust agents, face). After the specified time period elapses, only strong forms of authentication can be used to unlock the device or work profile.
`unifiedLockSettings`	`enum (UnifiedLockSettings)` Controls whether a unified lock is allowed for the device and the work profile, on devices running Android 9 and above with a work profile. This can be set only if `passwordScope` is set to `SCOPE_PROFILE`, the policy will be rejected otherwise. If user has not set a separate work lock and this field is set to `REQUIRE_SEPARATE_WORK_LOCK`, a `NonComplianceDetail` is reported with `nonComplianceReason` set to `USER_ACTION`.

PasswordQuality

Password quality requirements.

Note:

Complexity-based requirements are COMPLEXITY_LOW, COMPLEXITY_MEDIUM and COMPLEXITY_HIGH.
An instance of PasswordRequirements is said to be device-scoped if it has passwordScope set to SCOPE_DEVICE.
Complexity-based requirements can only be specified in a device-scoped instance of PasswordRequirements.
If passwordPolicies has a device-scoped element with passwordQuality set to a complexity-based value, then it must also have another device-scoped element with passwordQuality set to a non-complexity-based value. In this case, only the complexity-based value applies to personally owned work profile devices on Android 12 and above, and only the non-complexity-based value applies on all other devices.
A non-complexity-based device-scoped requirement applied on personally owned work profile devices on Android 12 and above will be treated as the next strictest complexity-based requirement for application. This may lead to a slight discrepancy between the requested requirements and the applied requirements.
See appliedPasswordPolicies for which password requirements are actually taking effect on the device.

Enums
`PASSWORD_QUALITY_UNSPECIFIED`	There are no password requirements.
`BIOMETRIC_WEAK`	The device must be secured with a low-security biometric recognition technology, at minimum. This includes technologies that can recognize the identity of an individual that are roughly equivalent to a 3-digit PIN (false detection is less than 1 in 1,000). This, when applied on personally owned work profile devices on Android 12 device-scoped, will be treated as `COMPLEXITY_LOW` for application. See `PasswordQuality` for details.
`SOMETHING`	A password is required, but there are no restrictions on what the password must contain. This, when applied on personally owned work profile devices on Android 12 device-scoped, will be treated as `COMPLEXITY_LOW` for application. See `PasswordQuality` for details.
`NUMERIC`	The password must contain numeric characters. This, when applied on personally owned work profile devices on Android 12 device-scoped, will be treated as `COMPLEXITY_MEDIUM` for application. See `PasswordQuality` for details.
`NUMERIC_COMPLEX`	The password must contain numeric characters with no repeating (4444) or ordered (1234, 4321, 2468) sequences. This, when applied on personally owned work profile devices on Android 12 device-scoped, will be treated as `COMPLEXITY_MEDIUM` for application. See `PasswordQuality` for details.
`ALPHABETIC`	The password must contain alphabetic (or symbol) characters. This, when applied on personally owned work profile devices on Android 12 device-scoped, will be treated as `COMPLEXITY_HIGH` for application. See `PasswordQuality` for details.
`ALPHANUMERIC`	The password must contain both numeric and alphabetic (or symbol) characters. This, when applied on personally owned work profile devices on Android 12 device-scoped, will be treated as `COMPLEXITY_HIGH` for application. See `PasswordQuality` for details.
`COMPLEX`	The password must meet the minimum requirements specified in `passwordMinimumLength`, `passwordMinimumLetters`, `passwordMinimumSymbols`, etc. For example, if `passwordMinimumSymbols` is `2`, the password must contain at least two symbols. This, when applied on personally owned work profile devices on Android 12 device-scoped, will be treated as `COMPLEXITY_HIGH` for application. In this case, the requirements in `passwordMinimumLength`, `passwordMinimumLetters`, `passwordMinimumSymbols`, etc are not applied. See `PasswordQuality` for details.
`COMPLEXITY_LOW`	Define the low password complexity band as: pattern PIN with repeating (4444) or ordered (1234, 4321, 2468) sequences This sets the minimum complexity band which the password must meet. Enforcement varies among different Android versions, management modes and password scopes. See `PasswordQuality` for details.
`COMPLEXITY_MEDIUM`	Define the medium password complexity band as: PIN with no repeating (4444) or ordered (1234, 4321, 2468) sequences, length at least 4 alphabetic, length at least 4 alphanumeric, length at least 4 This sets the minimum complexity band which the password must meet. Enforcement varies among different Android versions, management modes and password scopes. See `PasswordQuality` for details.
`COMPLEXITY_HIGH`	Define the high password complexity band as: On Android 12 and above: PIN with no repeating (4444) or ordered (1234, 4321, 2468) sequences, length at least 8 alphabetic, length at least 6 alphanumeric, length at least 6 This sets the minimum complexity band which the password must meet. Enforcement varies among different Android versions, management modes and password scopes. See `PasswordQuality` for details.

RequirePasswordUnlock

The length of time after a device or work profile is unlocked using a strong form of authentication (password, PIN, pattern) that it can be unlocked using any other authentication method (e.g. fingerprint, trust agents, face). After the specified time period elapses, only strong forms of authentication can be used to unlock the device or work profile.

Enums
`REQUIRE_PASSWORD_UNLOCK_UNSPECIFIED`	Unspecified. Defaults to USE_DEFAULT_DEVICE_TIMEOUT.
`USE_DEFAULT_DEVICE_TIMEOUT`	The timeout period is set to the device’s default.
`REQUIRE_EVERY_DAY`	The timeout period is set to 24 hours.

UnifiedLockSettings

Controls whether a unified lock is allowed for the device and the work profile, on devices running Android 9 and above with a work profile. This has no effect on other devices.

Enums
`UNIFIED_LOCK_SETTINGS_UNSPECIFIED`	Unspecified. Defaults to `ALLOW_UNIFIED_WORK_AND_PERSONAL_LOCK`.
`ALLOW_UNIFIED_WORK_AND_PERSONAL_LOCK`	A common lock for the device and the work profile is allowed.
`REQUIRE_SEPARATE_WORK_LOCK`	A separate lock for the work profile is required.