BlackBerry Forums Support Community

SDCromer · 07-06-2005, 03:58 PM

My company has apparently pushed down a requirement for a password on my Blackberry. Now when I pull our the Blackberry to make a call, I have to type in a long password. This sure is a pain in the a$$.

For those of you on BES, does your company require you to have a password?

NJBlackBerry · 07-06-2005, 04:06 PM

Yes. 60 minute timeout. 6 characters or more.

SUFan · 07-06-2005, 08:30 PM

After a conversation with our RIM regional sales rep, he mentioned that all of his BES clients require passwords. We are contemplating making this a requirement. I have enabled my own password with a 30 minute timeout and its not that big of a deal.

jibi · 07-06-2005, 08:37 PM

From a security standpoint, its highly advised. I think the minimum of 4 characters is plenty, though... so long as some form of strong security is enforced (number and letter requirements; or the addition of a required special character). Someone would have to get REALLY lucky in order to brute force the password within the maximum 10 allowed tries to break the security. I just don't see that happening.

As for you having to type in a password before making calls, go into your options and then Security and see if you have a new option to Allow Outgoing Calls when Locked (or something like that) and enable it. If its not present, then suggest to your Administrators to add that functionality in the IT Policy, as it will not remove the security needed/wanted for the DATA on the handheld (if someone stole your phone, they would simply be able to make calls on it, if this was enabled - not that big of an issue, imo).

Rancor · 07-06-2005, 10:26 PM

forced to use minimum 6 characters and including at least one number with a 20 minute timeout and I like it.

I set up one device on a test BES and did not have a password forced and felt so insecure carrying the Blackberry around that I ended up manually setting the device to lock and require a password.

Knowing that if I was ever human enough to leave the Blackberry somewhere, the data is securely locked away is the way I like it.

alect · 07-07-2005, 12:04 AM

Yes ours was introduced recently - 15 min timeout and 8 min password - it is the BANE of my existence - literally every time I pick up the BB i need to enter my password

cbandler · 07-07-2005, 06:21 AM

I just changed jobs, and the new company does not have a BES. I have done a hard reset, but I can't seem to disable the password requirements. Can I do this. I tried searching, but can not find anything related to a non-BES password problem.

Thanks in advance.

insecterx · 07-07-2005, 12:47 PM

10 minute time out but passwords can be whatever the user wants. its a good thing too because we have had a few lose theirs.

MarvinK · 07-07-2005, 01:35 PM

Quote:

Originally Posted by cbandler

I just changed jobs, and the new company does not have a BES. I have done a hard reset, but I can't seem to disable the password requirements. Can I do this. I tried searching, but can not find anything related to a non-BES password problem.

Thanks in advance.

Check this thread for clearing IT security policies:
http://www.blackberryforums.com/showthread.php?t=6682

kelvin · 07-08-2005, 08:29 AM

Our company requires a password. Initially, they did not allow us to use the ALlow Phone Call feature. This crteated a bunch of compalints from the user community. We can make calls now. The only problem is that while I can make calls and chirp peopl (Nextel), I cannot use the Alert feature.

udontknowjack · 07-08-2005, 08:39 AM

Well, I'll be the first on this thread to say my company with a BES doesn't require Passwords. The company I worked at before this didn't either. I, as the BES admin, have pushed for this at both companies as I think it is a great secuirty risk to not force passwords but in both cases, the CEO or some other real high up person thinks it is too much of an inconvenience so it doesn't happen. I'm sure once someone with some sensitive contact information or emails looses their blackberry and the info gets in the wrong hands, their tunes will change.

Think about it, almost all of us have PCs that lockout with a password after a certain time and those don't leave our desks. The Blackberry takes your email, contact information and many people store info in notes that is confidential out of the office and can be lost or stolen easier than a laptop. But for some reason, we think it shouldn't be password protected.

TheWastedYears · 07-08-2005, 09:13 AM

BES4 has the remote kill feature, and people think this is a good alternative to preventive measures, apparently.

Chrisv2 · 07-13-2005, 04:35 PM

All 400 of my users are required to have a min. 8 char PWD with a mix of numbers and letters. All this with a 5 minute timout too!

SDCromer · 07-13-2005, 07:33 PM

Well I guess that seven characters and a 15 minute timeout is not too bad. At least I can answer a phone call without typing in a password.

Luckystrik3 · 07-14-2005, 02:58 AM

So, well, I have a password as well, and don´t think of it as a pain. I rather think of it as a security measure, if I loose my BB (I loose things often ;) ).

smoorani · 11-04-2005, 11:39 AM

Quote:

Originally Posted by jibi

From a security standpoint, its highly advised. I think the minimum of 4 characters is plenty, though... so long as some form of strong security is enforced (number and letter requirements; or the addition of a required special character). Someone would have to get REALLY lucky in order to brute force the password within the maximum 10 allowed tries to break the security. I just don't see that happening.

As for you having to type in a password before making calls, go into your options and then Security and see if you have a new option to Allow Outgoing Calls when Locked (or something like that) and enable it. If its not present, then suggest to your Administrators to add that functionality in the IT Policy, as it will not remove the security needed/wanted for the DATA on the handheld (if someone stole your phone, they would simply be able to make calls on it, if this was enabled - not that big of an issue, imo).

Once you set the option "Allow Outgoing calls", you must also change the option in Security on the handheld.

stonent · 11-04-2005, 12:00 PM

Ours is just 6 characters. A few users have ones like poopoo or qaqaqa because they are easy to enter with one finger.

Better than nothing I say.

MozMan68 · 11-04-2005, 12:18 PM

My company doesn't require it, but I started using it after my boss left his in a restaurant at lunch....I didn't think too much of it when the "**** you" messages started coming across (we have a pretty laid back relationship)...but realized something was up when I asked a serious question and was told to "go **** yourself".

Thought it was pretty funny....probably because it wasn't my blackberry.

Aroc · 11-04-2005, 01:53 PM

I am the BES admin. No passwords required. I don't see this being any bigger of a security risk that a lot of our other policies (which are pretty lax). (personal laptops, PDAs, other messages sent or stored "in the clear.") Some execs use their own passwords (which is a good idea), but I don't force the issue. Neither does senior management.

juwaack68 · 11-04-2005, 07:40 PM

I am the BES admin for our company and we have had a password since we rolled out the devices (6 char min, mix of letters and numbers, user can set max to 1 hour) - we're up to almost 300 now. Most users hate it, but oddly enough the owner of the company hasn't said boo about it.

We have had numerous devices stolen or lost (mostly from female sales people who won't wear the belt clip), so the kill command comes in handy, too.

BlackBerry Forums Support Community

Do your companies require a password on the Blackberries?