Hey Guys,
I have an issue (not really an issue, but would like some information)
I currently have my phone setup with my work email via microsoft exchange setup through the phone. Now i'm assuming that the certificate that my company uses, requires me to have a password lock on my phone for security purposes. It initiates the password when the phone is not in use for more than 20 minutes. This drives me INSANE! i always have to type in a 4 digit "simple pin" to unlock my phone if i haven't touched it for 20 minutes.
How can i disable this? The menu which i have to setup the pin # doesn't allow me to uncheck enable.
Is there another certificate i can use which doesn't require me to lock the phone?
My friend works for a different company, and uses the same method for email, and i guess their company isn't secure as she doesn't have to use a security pin at all.
Any help would definitely be appreciated!
Thank Guys!/Girls!
I know that having a password forced on you, when you didn't have one before, can be really annoying at first. However, after a bit of time it just becomes normal and isn't really an issue. You are talking a trade off of 2-3 seconds vs. free access to confidential company data/files.
When you first connect to an Exchange 2007 (guessing this is what's being used) system it prompts the phone to make the changes (accept), you don' t have a choice. As you mentioned, having the password feature is "secure" compared to your friends company that "isn't secure". Enterprise users should have passwords enabled. Wanting to bypass it kinda smacks of not caring about your employers rules/policies, security and ultimately others who work at your company.
I know in our environment it would be a violation of company policy and a clear and deliberate breach of it, turning off a security feature. You would be speaking to the IT Manager and Human Resources as soon as caught about your future or lack thereof.
Damn.... i guess your right!
Thanks for the input!
If you do a search you will find a fix which will essentially push the timeout to 24 hours versus the 5-10 minutes that is given normally. This ensures the lock is still present (especially for rebooting and activesynch connect) but you only get bugged to do it every once in a while.
Just search around - you'll find it (I recently changed my registry to have a 24 hr time out.) This is something that Exchange does not check when you synch. If the password is removed then you will get dinged by your admin sooner or later.
jessiethe3rd said:
If you do a search you will find a fix which will essentially push the timeout to 24 hours versus the 5-10 minutes that is given normally. This ensures the lock is still present (especially for rebooting and activesynch connect) but you only get bugged to do it every once in a while.
Just search around - you'll find it (I recently changed my registry to have a 24 hr time out.) This is something that Exchange does not check when you synch. If the password is removed then you will get dinged by your admin sooner or later.
Click to expand...
Click to collapse
agh... wtf do i search? lol
oh boy, the adventure begins! wish me luck!
ok i think i got it!
the only stuff i could find was to disable it permanantly... nothing regarding changing it to 24 hours.
mightymike84 said:
ok i think i got it!
the only stuff i could find was to disable it permanantly... nothing regarding changing it to 24 hours.
Click to expand...
Click to collapse
nevermind.
i did the following:
HKLM/Security/Policies/Policies/00001023 to value 1
changed that reg entry, and instead of disabling the lock, it actually displayed a 24 hour option, so i chose that instead of disabling it.
thanks for the help guys!
Keep in mind that you really dismiss your company's policy. This might be the cause of serious legal problems.
Furthermore, the device will recheck the policy after some hours, iirc the standard is to check every 24hours
Have fun!
mightymike84 said:
nevermind.
i did the following:
HKLM/Security/Policies/Policies/00001023 to value 1
changed that reg entry, and instead of disabling the lock, it actually displayed a 24 hour option, so i chose that instead of disabling it.
thanks for the help guys!
Click to expand...
Click to collapse
Just what I was looking for The other option was to turn on the phone regularly before the Password timeout
tugboat said:
Just what I was looking for The other option was to turn on the phone regularly before the Password timeout
Click to expand...
Click to collapse
And should your problem return (as your server will probably reinforce it´s policy), have a look at this page: http://www.zenyee.com/?s=stay+unlock
This great tool has been working fine for me on all my WM5/6/6.1 devices....
Related
Ok, try not to flame me before reading the whole post. Thanks.
I have a Tilt and I set it up to sync w/ my work Exchange server via Active Sync. That is working wonderfully, however it prompts me for a 4 digit password every 20 minutes. It does this while docked at my computer. This is stupid. I know the reason is for security, yadda, yadda, yadda.
However, I previously had a work-issues blackberry. When tethered (or not, even) it NEVER asked me for a password.
So what's the real use of the password being entered every 20 minutes? I can't see any. So, what I want to know, is there some sort of program that can cause whatever activity is required to delay the "20 minute inactivity" setting?
I mean, entering the password 24+ a day is stupid when I never had to do that from my blackberry.
thanks.
Robert
http://forum.xda-developers.com/showthread.php?t=279073&highlight=stayunlock
Is there any application to kills all open app on the phone"aka task manager"
Is there a possibility to colse with one click all 2g-3g connection.
I received the phone yesteday and i was charged of 55 euros ....
mastercut said:
Is there any application to kills all open app on the phone"aka task manager"
Is there a possibility to colse with one click all 2g-3g connection.
I received the phone yesteday and i was charged of 55 euros ....
Click to expand...
Click to collapse
You mean you want to turn off the radio?
Simple method is to go to Settings -> Wireless controls -> Airplane mode. NOTE: This turns off all radios, including WiFi.
If you want a icon to do this, go to the Market and download AnyCut and make a shortcut to Airplane mode.
no not turn off the radio , just close all open connection. cuz i can't see if there's some connection open !!!!!!
A little more description on your dilema would be apreciated.
Who charged you 55 euros?
Are you talking about data transmissions?
If your phone is on and you have service with some provider AND haven't installed any apps that require streaming data, you should not have any "open connections" as you say.
mastercut said:
no not turn off the radio , just close all open connection. cuz i can't see if there's some connection open !!!!!!
Click to expand...
Click to collapse
anycut to 'phone info' might help.
'service viewer' in marketplace, but without root cant kill ;{
mastercut said:
Is there any application to kills all open app on the phone"aka task manager"
Is there a possibility to colse with one click all 2g-3g connection.
I received the phone yesteday and i was charged of 55 euros ....
Click to expand...
Click to collapse
No need for a task manager as the device closes programs on its own.
To disable all data connections use anycut to phone info (like said above) and then menu -> more and you can disable data connection for just that time or disable it on boot to disable forever.
If you were charged 55 euros for using data then you need to get a different phone as this phone is meant for an always on connection so it is connected 24/7
Well I have the same issue. There are no affordable dataplan in the country I live in so letting any application use as much network as it feels like is not an option.
Sadly the phone does not have a way to control who's allowed to use the radio/network or anything for that matter past the installation time. So if pong3d has been installed with full network access you're screwed it can wake up at any time and start streaming whatever it wants from and to your phone. It can even clog your bandwidth and make your browsing suck.
I understand the whole fully connected device thing, but I still think this is a major flaw as users end-up with limited control over what application is doing what. There should be a way to disable data connection, like disabling wifi.
And ultimately there should be a way to manage the permission of the various app. I want to run pong3d but there is no way I'm giving it Contact Access and SMS access and "service that cost you money". Or I want a fair warning "accept/deny" whenever the application tries...
It also happens that people travel (like me) to other countries. And when traveling I use local pre-paid SIM card to avoid roaming fees. I don't need gtalk and MarioSimulator (yeah it does check for update when you launch it) to burn through my credit just because they think they can.
Since we had networking on phone they have been asking you if you wanted to allow the application to connect "Always/Never/Just this time". If Android expect to be used on other devices (so other providers, other countries, other dataplan) that feature will be needed. And the all or nothing attitude towards permissions when installing an app must be changed.
In the mean time, I suggest the original poster do what I do.. Delete all your APN settings and re-add them when needed. In my case just changing one letter in the APN seems to be enough.
my 2p.
mrboyd said:
Well I have the same issue. There are no affordable dataplan in the country I live in so letting any application use as much network as it feels like is not an option.
Sadly the phone does not have a way to control who's allowed to use the radio/network or anything for that matter past the installation time. So if pong3d has been installed with full network access you're screwed it can wake up at any time and start streaming whatever it wants from and to your phone. It can even clog your bandwidth and make your browsing suck.
I understand the whole fully connected device thing, but I still think this is a major flaw as users end-up with limited control over what application is doing what. There should be a way to disable data connection, like disabling wifi.
And ultimately there should be a way to manage the permission of the various app. I want to run pong3d but there is no way I'm giving it Contact Access and SMS access and "service that cost you money". Or I want a fair warning "accept/deny" whenever the application tries...
It also happens that people travel (like me) to other countries. And when traveling I use local pre-paid SIM card to avoid roaming fees. I don't need gtalk and MarioSimulator (yeah it does check for update when you launch it) to burn through my credit just because they think they can.
Since we had networking on phone they have been asking you if you wanted to allow the application to connect "Always/Never/Just this time". If Android expect to be used on other devices (so other providers, other countries, other dataplan) that feature will be needed. And the all or nothing attitude towards permissions when installing an app must be changed.
In the mean time, I suggest the original poster do what I do.. Delete all your APN settings and re-add them when needed. In my case just changing one letter in the APN seems to be enough.
my 2p.
Click to expand...
Click to collapse
I completely understand where you are coming from and I think once the OS comes out of beta it will be a lot better. In the meantime I think it is easier to do the method I did above as it just turns off the data connection and doesn't change any other settings. And you can turn it on or off on the fly.
neoobs said:
I completely understand where you are coming from and I think once the OS comes out of beta it will be a lot better. In the meantime I think it is easier to do the method I did above as it just turns off the data connection and doesn't change any other settings. And you can turn it on or off on the fly.
Click to expand...
Click to collapse
Don't mean to derail the converstaion but... Google, out of BETA? ROFLOL!!!
That'll be the end of life as we know it!
Anyways... going back to the subject. Your trick is neat and I don't need it (T-mobile customer with unlimited data) but still usefull.
@ mrboyd:
As neoobs stated, you'll have to do that workaround untill Google does add such a feature, but unless you give enough stink (complain) about it, they won't listen.
You could go here to developers and see if anyone is doing something about it and "ask" for such a "feature"
http://groups.google.com/group/android-developers
Also, where are you located? Who's your service provider? What data plans do they have there, or don't?
On the same topic... if someone notices they have no data connection and want to enable it follow the same directions. I did this the other night when tmobiles towers were down. It helped me get connected again.
Does this thing works? I have tried playing with it a little bit and it didn't seem to do much. I'll give it another shot.
mrboyd said:
Does this thing works? I have tried playing with it a little bit and it didn't seem to do much. I'll give it another shot.
Click to expand...
Click to collapse
what 'thing' ?!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
. So this is the deal, I originally had an ATT Tilt. I had no problems! I synched though active sync, via bluetooth and over air with no issues. Two days ago I got a Fuze, I was ecstatic, but then my camera became disabled and I consistently could not access my storage card. The message actually came up saying that my "camera has been diabled for security reasons". WTF is that? I have hard reset the phone about ten times now and everytime before I set up exchange everything works beautifully, but after I have no camera and no sd card. Is this a known problem or is my Fuze busted? Please help!!!!!!!!!!!!!
Is it possible that this is a policy in your company being enforced by your IT dept via your exchange server?
Believe me, I've discussed this extensively with my IT department and they haven't made any changes to their exchange server policies. They have the same question I have! If the companies Tilts are all working with the same OS what hardware changes in the Fuze could create such an issue relative to their existent server policies?
Update! I also tested this on a co-worker's Sprint HTC Touch Pro and got the same results. He had to hard reset his phone to get full functionality again! My IT dept says that our server links to an https site if thats relevant to anyone. I'm not technically versed in that area. Hopefully someone has had a similar issue, and potential workaround?????
Its almost going to have to be coming from a setting on your Exchange server at work. See the attached screen shot. All of those settings are configurable on the server. Once you connect, it automatically downloads whatever policies are in effect. This screen shot is from an Exchange 2007 server. I no longer have a 2003 server but it is similar.
Hmmmm....
Man, your awesome! I think IT was BS-ing me a bit, or they haven't bothered to check the settings themselves. I'm gonna break some necks and find out if these settings are the issue. Either way I'll report back my findings.
GarethD said:
Man, your awesome! I think IT was BS-ing me a bit, or they haven't bothered to check the settings themselves. I'm gonna break some necks and find out if these settings are the issue. Either way I'll report back my findings.
Click to expand...
Click to collapse
They probably weren't BSing you. They probably haven't touched those settings since configuring the server. The Tilt has a different version of mobile office which probably wasn't compatible with and subsequently ignored those settings.
zenyaa stayunlock cab -- search for it, install it, THEN sync w/exchange (may require hard reset to kill existing settings)
I installed zenyaa stay unlock before syncing accidentally after a hard reset and i never even got prompted for pin's.. hopefully it'll ignore the other restrictions too...
Keep in mind, this may be against the law for some companies, use responsibly.
zenyaa!
I like the potential. For now however, I have flexed some executive privilege and got my settings changed. I got everything enabled except wi-fi. , but they are paying for my media plan so no real worries there. I will look into zenya though, it seems ridiculous to ask for normal features on a smart phone, but I guess my IT department is restriction crazy. Thank you all for your input, this issue is technically resolved for me.
GarethD said:
I like the potential. For now however, I have flexed some executive privilege and got my settings changed. I got everything enabled except wi-fi. , but they are paying for my media plan so no real worries there. I will look into zenya though, it seems ridiculous to ask for normal features on a smart phone, but I guess my IT department is restriction crazy. Thank you all for your input, this issue is technically resolved for me.
Click to expand...
Click to collapse
From an IT view, it's a huge security risk having a device that you cannot regulate on your network. Not allowing removable storage might be a little much though, especially if they allow you to have usb flash drives. I wouldn't allow wireless at all though, regardless of who requested it.
To an extent, I agree with you.
In this specific case however, I think my IT could/should have been more forthcoming about their mobile polices. That would have made me more specific in my search for a new business phone. I could have gotten something with less features based on policy. That being said, I think it was more a reluctance to hear criticism from a non-IT person than it was to adjust the default settings. With the exception of Wi-Fi (for probably the reasons you stated!), there was no real issue in changing my settings.
I just bought HTC Touch 2. Everything was ok, until I activated ActiveSync together with company Exchange email service.
From this time I always get "unlocking form" when I switch off display.
I checked Activesync setting, and there is configured, that locking code should be requested after 60 minutes.
But it locks just after several minutes of non working, or just after display switch off.
I already downloaded "advanced configuration tool", but still I am not sure, where and what to reconfigure.
Thanks a lot for help
Wrong forum, but anyhow, check the settings menu, lock icon on your phone. When enabled, the device locks automatically upon connection to prevent your data.
I am sorry for wrong forum, just now I realizet that I am on wrong place.
But still, is somehow possible to set it that way, that it locks really after 60 minutes (what is configured in activesync ...)
Its really anoying to unlock every minute the phone.
I asked my friends with another type of HTC and they do not have such problems ...
I have to say, that also my company pushes some policy every 60 minutes, so some temporary solution does not fit for me...
Up until recently, the corporation I work for only authorized blackberry devices to sync with the exchange servers. They've just recently started allowing iPhones and certain android devices to do the same.
On the corp intranet page that deals with this it explains that once you setup activesync a phone lock passcode is required, screen timeout of less than 15min is required, and 5 incorrect passcode attempts, lost/stolen, or something like leaving the company will result in a wipe that will affect non work related data loss as well. The next sentence then says that if it can't be wiped remotely it is the employee's responsibility to do so.
I don't know if some of that wording is from the blackberry only days or what.
If I were to go ahead and get authorization for this, would setting up an activesync with the corporation exchange server really allow them to wipe my phone, including personal data? Would it really make my phone require a passcode and limit my screen timeout all by just syncing?
I just don't know what kind of control simply setting up an activesync account is really possible.
I hate using our web access bc it requires and id and 2 passwords and even though I can use lastpass to make that easier its still slow/inconvenient.
I don't want to ask IT about all this bc I don't want them to think I'm trying to get around the system or give me an incorrect answer (fortune 100 company, they deal with a lot and don't know everything about everything ).
One of the features introduced in Froyo with Exchange/ActiveSync support was remote wipe. I believe they'll have no problem wiping your phone, unless you disconnect that account first.
Jack_R1 said:
One of the features introduced in Froyo with Exchange/ActiveSync support was remote wipe. I believe they'll have no problem wiping your phone, unless you disconnect that account first.
Click to expand...
Click to collapse
I'm actually less concerned with wiping than I am with being forced (by that I mean them somehow enforcing my settings such that I can't make my screen timeout longer than 15min or have to use a passcode to come out of sleep). I've never lost a phone and am willing to deal with consequences of not having a damn unlock code. I just don't want my phone to be locked into particular settings. Hope that makes sense.