Password Requirements policy

ryan_er
New Contributor II

hello. Does anybody know how to modify the password requirements to remove this requirement "Not have two consecutive, or three sequential characters". I checked all over JAMF and i looked at apple's pwpolicy and there is nothing that shows that requirements. Our computers are not attached to AD.

1d24adc9ba794f69b891077fd870627c

Thank you!

7 REPLIES 7

Asnyder
Contributor III

This will be in your configuration profiles under password profiles. I think it will be the "allow simple value" checkbox.

Raymar
New Contributor

Hello Ryan,

As far as I know that is part of the "security / Require Passcode" setting and controlled by "Require Complex Passcode"

Kind regards,
Raymar

90c01f94b3fe4602b99dd72572690c07

maikelroolvink
New Contributor

Hi,

i noticed the same while the settings are correct Mac OS is still asking the question;

274b4a12952645c780de2bda376ffdae
5bdcc9110ff3462dbda56e260a988b58
d6cf96d4f2e94941b1fa735d45b1cc3a
c89e5b10a3af46dd9425015a9143c536

gachowski
Valued Contributor II

I thought this was because we had require alphanumeric enable, but now I am guessing that it's on the client side. While we were moving to local passwords and I was doing testing we never saw two consecutive, or three sequential characters. Then Apple released an OS updated and we went live with local password on the same day. Since it's more secure and only a few users were "upset" I never dug into it. However, I did just take a quick look at it, but because the Jamf profiles are signed it's not super easy to "read"... I didn't see any keys that explain "Not have two consecutive, or three sequential characters" and I didn't have Require Complex Passcode/require alphanumeric enabled.

Best guess is that it's hidden on the client side.

C

maikelroolvink
New Contributor

so any idea how to get this fixed? because pass phrases will have consecutive or sequential characters? it seems that the password policy is not completely applied as in jamf set.

UPDATE

so it seems that the policy is not wiped before changing, by manually wiping and replying the policy it worked;

sudo pwpolicy -clearaccountpolicies

could you please extend the number of minimum required characters within jamf?

rorlando
New Contributor

Has this happened to anyone recently?
We are not enforcing a pwd policy thru jamf pro or jamf connect. We are only enforcing thru Okta (our IdP) and it does not have this rule, but when the end user went to sync okta pwd with local macbook, they received this notification.

New password must NOT:

  • have two consecutive characters

  • have three sequential characters

CM2
New Contributor

I encountered this issue with another MDM, and raised this issue with their support team. They ended up apparently identifying this as a MacOS bug, and said they have filed a bug report with Apple.