First off, no I'm not trying to find out other peoples passwords.
We have, at work, a shedload of Smartphones of different types. Nokia E71's/E72's, Treo Pro's, HTC Touch Pro's, Touch Pro 2's and HD2's. I'm the lucky guy who gets to support them and help users set them up to connect to the exchange server.
Here's the thing. The Nokias are great in that when typing in their password for Mail for Exchange, i rarely have to get them to try more than once, because the password is briefly visible letter by letter as they type it in before it ****. As you know thats not the case for winmo Outlook. They only see **********.
So I'm handing most users a device they have never seen, with an unfamiliar keyboard, and the first thing they type is a complicated password that they can't see. Makes my life he11. And for an added bonus, Active Directory policy requires a password change every 60 days, which means they have to change the password on the phone too.
In addition, as you know, if Outlook gets messed up during setup/editing, its often a hard reset to fix. Great fun, especially on a Treo.
So, i am wondering if there an app/option/regfix to make the password visible while typing it in. Even briefly, like the Nokia's.
Any advice, suggestions would be great. Thanks.
So that'll be a no then?
Doesn't make passwords visible but if you can connect to the PPC via ActiveSync/WMDC then you could use MyMobiler which would enable you to use your PC keyboard to type the passwords.
Related
Now I know what you're gonna say - hard reset, but just bear with me.
I set a password to stop the kids messing with the PDA.
Then I wanted to use my contract Orange SIM card temporarily instead of my PAYG SIM - it's cheaper to surf that way.
Sooo, I turned off the M2000 and inserted my contract SIM. When I turned it back on, I was prompted for the password, but I now do not have the keyboard icon bottom right of screen and I only ever used my touch screen to enter it.
I can enter via the keyboard, but I keep getting it wrong as I'm not really sure which keys come up as default CAPS lock on and how to use the Lock Fn key - ie: does it stay on for 1 key press then default back or do you have to turn it off again....similarly with Shift, CAPS, etc.
I've backed up my important data via ActiveSync, which prompts me for a password. So I've browsed the device and copied across the stuff I need...apart from program installs and the like.
So, this is how my password is structured: Abcd1efghij
To explain: a capital first letter, 3 lower case letters, a number, 6 lower case letters.
Any thoughts?
Boing for the monday morning types!!
Remote Controller
You poor thing! Try connecting with ActiveSync, and using the remote control program attached (rCE) to use your PC to enter the password.
I recently installed some software for my company on my 8525. Along with the installation, the software compelled me to password protect the ppc. I can't even make a phone call without entering the password! Is there any way to remove the password provision? Is it in the registry somewhere?
losborn said:
I recently installed some software for my company on my 8525. Along with the installation, the software compelled me to password protect the ppc. I can't even make a phone call without entering the password! Is there any way to remove the password provision? Is it in the registry somewhere?
Click to expand...
Click to collapse
Start>Settings>Personal tab>Lock
remove check
The check is grayed out.
losborn said:
I recently installed some software for my company on my 8525. Along with the installation, the software compelled me to password protect the ppc. I can't even make a phone call without entering the password! Is there any way to remove the password provision? Is it in the registry somewhere?
Click to expand...
Click to collapse
what good is a security app if you can disable settings in the registry?!? the setting is probably in the software you installed.. i would look there first!
You might get better replies if we knew what software you installed....
shogunmark said:
what good is a security app if you can disable settings in the registry?!?
Click to expand...
Click to collapse
Good point. However, I'm not trying to hack the password; I'm trying to bypass the necessity of a password. It's a real pain to have to enter the password EVERY time I turn the phone on. It turns it into a two-hands device and makes it more hazardous to use in a mobile environment, for example.
the setting is probably in the software you installed.. i would look there first!
Click to expand...
Click to collapse
There are no options to disable the password in the software. The IT gods (THEIR opinion of themselves, not mine!) have defeated any option that may have been there.
You might get better replies if we knew what software you installed....
Click to expand...
Click to collapse
Another good point. The app is Goodlink. (I could live with it if it was only Goodlink that was password protected.)
now that i know its goodlink and accessing corporate mail let me offer this advice.. i have seen issues like this around the boards, right now i dont remember where they were as i only read them for my knowledge but never made a post... now all of these people could have been wrong, i am only going by what i have read so i hope this helps.. Lots of people have reported that its actually your IT's department fault here.. they have to set the password timeout on their server (and yes this does affect your phone and how it asks for passwords) some people have been successful at asking their "gods" to change the password timeout to 24 hours so they only have to enter it once a day.. so you may want to check with them again and ask them about this and what the password timeout is for your corporate account.
If I'm at the mercy of IT, I'm out of luck. We've asked for adjustments before on different situations, and they've never budged on (what seems to us to be) their arbitrary decisions...
I'm just hoping that, since it's the PPC's password (the same one that you have the option of setting when you first set the device up) that there's something in the registry that can be changed from "1" to "0" or vice-versa, to remove the "gray" from the check-box on the password screen... I'm new enough at this that I don't have any idea on a systematic approach to finding it.
Hi all... I have exchange set up with push mail at work (a few if us are testing it instead of using expensive Blackberry licences).
So far it works really well (if a little battery sucking!) apart form the annoying password that constantly pops up after a few minutes. Our IT guy has tried to lengthen this to no avail! None of the Blackberry's do it so why on earth do our WM devices have to do it? I can understand it happening once the phone had been switched off, as if it's knicked then when the thief switches it on they ned apassword, but every fgew minutes? Boy is that tedious!
Any help would be greatly appreciated!
adamelphick said:
Hi all... I have exchange set up with push mail at work (a few if us are testing it instead of using expensive Blackberry licences).
So far it works really well (if a little battery sucking!) apart form the annoying password that constantly pops up after a few minutes. Our IT guy has tried to lengthen this to no avail! None of the Blackberry's do it so why on earth do our WM devices have to do it? I can understand it happening once the phone had been switched off, as if it's knicked then when the thief switches it on they ned apassword, but every fgew minutes? Boy is that tedious!
Any help would be greatly appreciated!
Click to expand...
Click to collapse
I use Direct Push to connect to an Exchange account (both on a TP and on the Diamond). No Rom I have installed on them has had this problem - I only ever put in my password once and it remembers it and never asks for it again. I have also used Direct Push on several previous WM phones (5, 6 and 6.1) and have not had this problem on those, either!
This may be a silly question, but did you tick "save password" when setting up the exchange account on the phone?
The PIN requirements are set on the server side (i.e. Exchange) so you need to have your IT guys look there. It's easy enough to setup. Your 'blow away' device settings are also defined there.
We run about 600 WinMo devices with Direct Push on our private APN and have the password timeout set to 30mins accross the board (as defined by our security policy, auitors would really like 15 mins or less ). This has been running for several years and over many generations of device (inc. several Raphael's now) and the PIN timeout has always worked as expected.
Remember you CAN override the timeout on the device to lower the value (15min lock rather then 30 etc., the server just defines the MAXIMUM time that the device will remain unlocked without requireing the PIN and what the constraints of that PIN are). You configure that like you would expect from the Lock control panel.
You have to use SSL connection
Maybe you need more postage
Thanks, I will talk to IT again as they said 15 was maximum they could do! Even though it didn't seem to reset once set previously.... I think its a silly system anyway though. If I wanted a password I would set one up... if not then I should be able to have my phone set up so that only the email needs that lockout password added so sync not the whole blasted phone!
adamelphick said:
I think its a silly system anyway though. If I wanted a password I would set one up... if not then I should be able to have my phone set up so that only the email needs that lockout password added so sync not the whole blasted phone!
Click to expand...
Click to collapse
I'm sure your IT department have a totally different answer to that!
You're walking round with potentially confidential company information in your pocket. Personally I think it's perfectly reasonable that they insist that you have to password protect your device so that if it is lost or stolen, no-one can get at the sensitive company information that you may have on the device, even if it is only out of your sight for a couple of minutes!
As it is an Operating System on our phones there's no reason MS couldn't have passworded EMAIL separately from other functions - makes sense to me. They give you the option to PW your phone or not (personal choice) but I agree that company information should be safeguarded.
Do blackberry's have this same password stuff that locks the phone completely? I don't see my boss having to type in passwords to unlock his blackberry every five minutes!
adamelphick said:
As it is an Operating System on our phones there's no reason MS couldn't have passworded EMAIL separately from other functions - makes sense to me. They give you the option to PW your phone or not (personal choice) but I agree that company information should be safeguarded.
Do blackberry's have this same password stuff that locks the phone completely? I don't see my boss having to type in passwords to unlock his blackberry every five minutes!
Click to expand...
Click to collapse
Yes, Blackberries do this as well. It depends on your corporate security polcies. We cannot connect iPhones or Nokia mail for exchange phones, as our IT group cannot broadcast the security policy to the device. These security policies are the main reason why BB and WinMo own the enterprise market in the US.
Hoping you can help. I've become 'the phone guy' at my office (i'm already one of the 'desktop guy's'), and as such i have to help with our various Touch's, Diamond's, Touch Pro's, Touch Pro 2's, HD2's and even the occasional Treo (plus E71's, E72's and most of the Blackberry range).
Most of it i've figured out, having been around Winmo since the QTEK 9100, but there's one issue that has escaped me. Outlook/email/activesync, whatever you refer to it as on the device.
All our smartphone users (except the BB's) connect via an exchange connection. But i've found that if you hose up the setup (mis-spelling the server name, user name, domain, etc) without realising it and then try and connect, obviously you don't connect but when you find the error and correct it, the device still won't connect until you do a hard reset and set it up again.
In addition, our AD policy requires a password change every 60 days. Too often, even when the user knows how to update the password in WinMo Outlook, it gets hosed up, and we have to hard reset (again). 60 days is plenty of time for some users to have installed plenty of extra apps, so its always enjoyable to explain that we have to hard reset the phone....
Yes, normally i'd expect to 'right click' "*Outlook E-mail" and select 'Delete', but that's always greyed out.
So, how can you delete the outlook account settings without having to hard reset the phone?
Thanks.
Never mind, i found the answer.
Open Activesync on your smartphone and click Menu - Options. Selct your account and click Menu again and select Delete.
lol yip that was gonna be my advise to you lol, well done!
I am getting a password requested when I boot up my phone.
This has been bothering me over the last several days.
It turns out it is forced by an exchange account I have set to synchronize with my phone.
Is there any way to force this password request to be ignored?
It is not the exchange ID password, rather it is a new password that exchange requires to be entered on phone boot-up in order to enforce security on my phone.
I already use pattern lock, so this is redundant... not to mention annoying.
I don't know if it can be bypassed. I'd like to know too, because although convenient for me, I will not put my work email on my device if I am forced to password protect my screen, as was the case with my Samsung Epix. I'd prefer to be forced to enter my credentials each time I were to check my work email than to enter a pass to unlock my screen.
a_fuegon said:
I don't know if it can be bypassed. I'd like to know too, because although convenient for me, I will not put my work email on my device if I am forced to password protect my screen, as was the case with my Samsung Epix. I'd prefer to be forced to enter my credentials each time I were to check my work email than to enter a pass to unlock my screen.
Click to expand...
Click to collapse
I would think that the pattern lock would satisfy any need for protecting my email from unauthorized use... a 4 digit numeric code is less secure than the pattern lock, which has 9 points and who knows how many possible combinations.
There have been quite a few discussions about this. Lockpicker seems to work but the developer states only for the HTC Sense.
I'm sure IT managers aren't going through any effort to change their security policies and endure all that's involved to change something they feel is currently effective, regardless of the users sentiments. It's up to us the users to find a way to circumvent or deal with it.
a_fuegon said:
There have been quite a few discussions about this. Lockpicker seems to work but the developer states only for the HTC Sense.
I'm sure IT managers aren't going through any effort to change their security policies and endure all that's involved to change something they feel is currently effective, regardless of the users sentiments. It's up to us the users to find a way to circumvent or deal with it.
Click to expand...
Click to collapse
It is frustrating, given the fact that this is a new change. For the longest time I thought it was something i did while modding my phone.
I will try the "get IT to fix it" route, but I have my doubts anything will come of it.
Otherwise, I will need to get someone to look at lockpicker.
Thanks.
joeybear23 said:
I would think that the pattern lock would satisfy any need for protecting my email from unauthorized use... a 4 digit numeric code is less secure than the pattern lock, which has 9 points and who knows how many possible combinations.
Click to expand...
Click to collapse
The problem with the pattern lock is you can almost always figure out the pattern based on the screen smudge left behind by it.
This could be overcome if the lock screen didn't show up the same way every time. Either larger / smaller scale or in a differnt orientation then the last previous time (sometime upside down and sometimes landscape). Then the smudges would overlap / confuse each other a little bit atleast.
If the e-mail account is a business account and is controlled by an IT group that isn't you, they're protecting their business. They don't want devices out there with no password and an open line to their systems. If you want your phone to sync with their e-mail account, then you have to accept their security requirements. I don't know why everyone thinks that they should be able to bypass an IT groups security requirements simply because they're inconvenienced by a passcode. A middle ground would be a passcode just to read that e-mail account, but I don't think any of the mobile devices offer such a feature. The simplest solution is still simply to not sync that e-mail account or check it as an IMAP account if you can.
Remove IT Security.
There is a way to get rid of this prompt but you will need a SQLDB editor like SQLite and Root explorer or something similar.
if you open up root explorer then go to DBDATA\DATABASES and then browse down to com.android.providers.settings then open settings.db
you will see a list of items, if you go under "system" then scroll 3/4 of the way down you will see the section for ITsecurity policy. [this is what the exchange services enforced on your phone.
if you change the section "devicelock_itpolicy_enabled" from a 1 to a 0 this will obviously disable this policy.
once the change is done you will need to restart your phone and you will notice upon the restart that it does not ask you for the password again.
problem with this is that its a remote policy however and the phone WILL be pushed this information again. [probably after only a day or two of use]
someone could probably write a MCR script to take care of this easily.
I've found the best way for me ot make the change is to copy the settings.db to another folder [like on my SD card] then make the change I need there.. and whenever there is a repush of the policy, I just overwrite the one settings.db with the other.
this is a temporary solution.. but it does get rid of the password policy.
another option maybe setting the timeout value listed below that.. some exchange policy will only check for the "password enabled" portion to be checked. but the default timeout maybe adjusted to something crazy..
default for my org is 40 minutes. [IE 2400 seconds] so adjusting it to 4000 minutes may just make me not worry about this value as much
l7777 said:
If the e-mail account is a business account and is controlled by an IT group that isn't you, they're protecting their business. They don't want devices out there with no password and an open line to their systems. If you want your phone to sync with their e-mail account, then you have to accept their security requirements. I don't know why everyone thinks that they should be able to bypass an IT groups security requirements simply because they're inconvenienced by a passcode. A middle ground would be a passcode just to read that e-mail account, but I don't think any of the mobile devices offer such a feature. The simplest solution is still simply to not sync that e-mail account or check it as an IMAP account if you can.
Click to expand...
Click to collapse
You are correct. They are protecting their interests and spend lots of money doing it.
Now, I did sense a bit of anger or frustration in your post. If so, calm down. These companies have every right to ensure that they deliver their info as securely as possible. Seeing as we do live in a free country, if somone decides they want to circumvent some established policies, then so be it. It'll be them that will have to suffer the consequences of their actions, not you. I for one am annoyed by those security features. Hence the absence of my company email from MY device.
If it bothers you, you do have the right to skip this thread and move on to the next one.
a_fuegon said:
You are correct. They are protecting their interests and spend lots of money doing it.
...
Click to expand...
Click to collapse
What is funny is the fact that requiring a 4-digit password at boot up does very little to keep unwanted eyes looking at email on a phone.
How often do thieves steal a powered-off phone... Plus it takes only seconds to hack through that anyway.
It's like gun laws: it only creates another hoop to jump through for the people playing by the rules.
joeybear23 said:
What is funny is the fact that requiring a 4-digit password at boot up does very little to keep unwanted eyes looking at email on a phone.
How often do thieves steal a powered-off phone... Plus it takes only seconds to hack through that anyway.
It's like gun laws: it only creates another hoop to jump through for the people playing by the rules.
Click to expand...
Click to collapse
I disagree - the idea here is to protect data for certain amount of time - it is a barrier, but not made to be foolproof.
Do you leave your house door unlocked? It takes seconds to smash a window or pry a door, so why lock it? You have an alarm? I can turn off the power and cut the phone line from outside - so i just easily circumvented this too. I can shoot or poison the dog, so that is not perfect either.
I like the PIN Lock, and I wish i could add one to my phone. If you lose your phone, you don't want people getting to your stuff before you can wipe it. The PIN does that it, gives you time.
And it is not that easy to bypass unless you keep your phone in USB Debug mode, and even then Android should prompt for the PIN before mounting drives or granting ADB access - if it doesn't then Android has a major security flaw.
The pattern lock is a joke - as mentioned, i can usually see someones pattern. That coupled with the idea, that although there are 9 starting points, the next point is only one of 3 adjacent points, and so on for the next. If it is really complex it becomes hard to remember - unlike numbers which can be many digits long and easy to remember.
I for one am happy to comply with a PIN lock - it keeps people i know from picking up my phone and rooting around.
alphadog00 said:
...
I for one am happy to comply with a PIN lock - it keeps people i know from picking up my phone and rooting around.
Click to expand...
Click to collapse
So you power down your phone after every use?
Because this PIN lock only comes up at boot up...
and the numbers are visible when you type them in.
a_fuegon said:
There have been quite a few discussions about this. Lockpicker seems to work but the developer states only for the HTC Sense.
Click to expand...
Click to collapse
Didn't work on my captivate, and as I understand it, it shouldn't work on any captivate because it changes Sense-specific settings.
I didn't really read through this thread, but if this is indeed a corporate exchange account, then there is no way around it.
joeybear23 said:
So you power down your phone after every use?
Because this PIN lock only comes up at boot up...
and the numbers are visible when you type them in.
Click to expand...
Click to collapse
On my Samsung Captivate it is requiring it everytime the screen goes blank. With HTC WM phone i was able to set this to 24 hours so it would only ask once a day or on power off then back on. If I could make it prompt just a little less I would be fine with it.
mreevimus said:
On my Samsung Captivate it is requiring it everytime the screen goes blank. With HTC WM phone i was able to set this to 24 hours so it would only ask once a day or on power off then back on. If I could make it prompt just a little less I would be fine with it.
Click to expand...
Click to collapse
Same here. Everytime the phone wakes is a big pain. I set my winmo phone for 2 hours.
I also work from a company that does this. Using the standard email app connection to exchange server, it requires the pin unlock when coming out of standby after a certain number of minutes. VERY annoying.
The best way around it will cost you $20. Using Touchdown, the pin unlock is in the app only. It will only prompt you for it when you actually use the app (again after a certain number of minutes).