Managing factory reset protection for Android Enterprise devices
Android Enterprise
devicesYou can use the factory reset protection profile to control the factory reset protection feature for your organization’s
Android Enterprise
devices that have been activated using the Work space only
and Work and personal - full control
activation types.Factory reset protection requires an
Android
device user to enter their Google
account credentials to unlock a device that has been reset to factory settings. It is enabled by default when a user adds a Google
account to the device. This profile allows you to disable factory reset protection or specify a user account that can be used to unlock a device after it has been reset to factory settings.This profile provides three options:
- You can disable factory reset protection. If you disable factory reset protection, anyone can reset a lost or stolen device to factory settings and begin using the device. This option is useful if a known user has forgotten theirGoogleaccount credentials or if you need to reset a device owned by your organization that has been returned to you.
- Users can useGoogleaccount credentials that are already associated with the device after a factory reset. This is the default behavior. If a device is reset to factory settings, the user must log into the device usingGoogleaccount credentials that are already on the device. This prevents someone with a lost or stolen device from resetting and using it themselves.
- You can specifyGoogleaccount credentials that a user can use to log into the device after it has been reset to factory settings.This option allows your organization to control who can log into a device after it is reset to factory settings.BlackBerryrecommends that you only use this option if you fully understand the device user experience.