Skip Navigation

Managing factory reset protection for 
Android Enterprise
 devices

You can use the factory reset protection profile to control the factory reset protection feature for your organization’s 
Android Enterprise
 devices that have been activated using the 
Work space only
 and 
Work and personal - full control
 activation types.
Factory reset protection requires an 
Android
 device user to enter their 
Google
 account credentials to unlock a device that has been reset to factory settings. It is enabled by default when a user adds a 
Google
 account to the device. This profile allows you to disable factory reset protection or specify a user account that can be used to unlock a device after it has been reset to factory settings.
This profile provides three options:
  • You can disable factory reset protection. If you disable factory reset protection, anyone can reset a lost or stolen device to factory settings and begin using the device. This option is useful if a known user has forgotten their 
    Google
     account credentials or if you need to reset a device owned by your organization that has been returned to you.
  • Users can use 
    Google
     account credentials that are already associated with the device after a factory reset. This is the default behavior. If a device is reset to factory settings, the user must log into the device using  
    Google
     account credentials that are already on the device. This prevents someone with a lost or stolen device from resetting and using it themselves.
  • You can specify 
    Google
     account credentials that a user can use to log into the device after it has been reset to factory settings.This option allows your organization to control who can log into a device after it is reset to factory settings. 
    BlackBerry
     recommends that you only use this option if you fully understand the device user experience.