Setting macOS password requirements
You can choose whether password rules for
macOSdevices apply to the device or the user and whether a password is required. If you require a password, you can set the requirements for the password.
IT policy rules target
This rule specifies whether the IT policy rules for the password apply only to the assigned user's account or to the entire device.
Password required for device
Specify whether the user must set a device password.
Allow simple password
Specify whether the password can contain repeated or sequential characters, such as DEFG or 3333.
Require alphanumeric value
Specify whether the password must contain both letters and numbers.
Minimum password length
Specify the minimum length of the password.
Minimum number of complex characters
Specify the minimum number of non-alphanumeric characters that the password must contain.
Maximum password age
Specify the maximum number of days that the password can be used before it expires and the user must set a new password.
Specify the maximum number of minutes of user inactivity that must elapse before a device locks. If set to "None," the user can select any value.
Specify the maximum number of previous passwords that a device checks to prevent a user from reusing a password.
Maximum grace period for device lock
Specify the maximum value that a user can set for the grace period for device lock, which is the amount of time that a device can be locked before a password is required to unlock it.
Maximum failed password attempts
Specify the number of times that a user can enter an incorrect password before a device is wiped.
For more information about the IT policy rules password rules, download the Policy Reference Spreadsheet.