Related
Hey there,
I use 1and1 for my exchange access and they require you to use some sort of security enforcement policy on your phone. On windows 5 I was able to put in a 4 digit pin and set it to only ask me for it after 24 hours of non-use. It also asked me for it on reboot. I keep my keypad locked because there's nothing I hate more than having my phone dial random people. To do this of course, I just held down the end key untill the screen locked. To unlock it, I just pressed the center button on the d-pad and the asterisk key. Everything was peachy.
Well in windows 6, they still require me to enter a PIN in and everything, BUT I cannot change the time in which it requires me to enter my pin to unlock. Additionally, every time I screen lock my phone I have to enter my PIN which is incredibly annoying.
Is there some sort of reg hack that I can fix this with?
No, the point of security enforcement is to protect the device from having sensitive data stolen and as a result these kinds of policies can not be overridden through any fashion except settings on the exchange server. You need to contact 1and1 and ask them to remove this policy, or switch to another exchange provider.
4SmartPhone doesn't pull this stuff.
Thanks for the response, but I don't think I made myself clear enough.
I don't want to bypass the security, I don't care about that.
I just don't want to have to enter my password every time I want to use my phone. Who does that?
Start>Settings>security>device lock
from there you should be able to adjust the phone's lock settings.
whether you want to get round it or not, it is most likely the policy set at 1 & 1's end and they need to adjust it at their end....
it might be that this function on the exchange works differently on the server cos it is windows mobile 6.
As WM6 is optimised for Exchange 2007, it could be a bug in the MS Activesync set up when using these policies on an exchange 2003 SP2 server.
I don't have a WM6 excalibur, but i can test it with an S710 and our Exchange 2007 server if you want....?
One more thought, delete the exchange partnership, and then go into the lock settings. Turn the lock on and set it to 24 hours.
Then go back in and turn it off. the time settings should stay at 24 hours even though it is turned off.
Then set up the exchange server. if you are lucky, it might just stay at 24 hours instead of the OS default of 0 minutes.
Be lucky....
try this:
Enable changing password lock time:
In the registry do the following:
\hklm\security\policies\policies\00001023 from 0 to 1.
i have the same problem with 1and1 using a cavalier with wm6. my real problem is that sometimes at startup the device gets stuck in t9 and will not recognize the numbers in my pin so i have to hard reset the device. 1an1 say they have nothing to do with the security password and will not help
Disable T9
Heh-heh, I never liked the T9 thingie on my T-Mobile Dash/HTC Excalibur. To turn the T9 on and off (toggle) press alt and then press space. This should toggle the T9 function of WM6 smartphones. At least, it did on my Dash.
Now, on with my crusade to unlock my Dash!!...
turning the t9 off is the same on the cavalier, but the problem is that sometimes this test rom decides to turn it back on at start up and other times it does not. it is really pissing me off.
thanks for the suggestion though. i just really need a way to dissable this security password.
joedm said:
try this:
Enable changing password lock time:
In the registry do the following:
\hklm\security\policies\policies\00001023 from 0 to 1.
Click to expand...
Click to collapse
The phone gives an error screen and says "unable to perform this operation".
on my wm5 ppc i removed the exchange account yet I can't turn off the pin security. Now thats annoying.
you can also try this: http://forum.xda-developers.com/showpost.php?p=1269318&postcount=7
I haven't tried it myself =)
joedm said:
you can also try this: http://forum.xda-developers.com/showpost.php?p=1269318&postcount=7
I haven't tried it myself =)
Click to expand...
Click to collapse
cool that worked thanks!
Before you can change the registry keys, you need to run the "Application and CID" unlock program provided on this site. I did it on my Cavalier and it worked like a charm.
Any ideas anyone?
Hey mtvkilledusall -
Did you ever get this figured out? It is annoying the ****e out of me!!!
I'm the Exchange admin, and I'm considering turning off this "feature" for my device.
Like you, I just want to be able to KEYLOCK the device (so it doesn't dial 911 in my pocket, etc.), but I'd still like to keep the security.
This used to work fine on my MDA. Very annoying.
mtvkilledusall said:
Hey there,
I use 1and1 for my exchange access and they require you to use some sort of security enforcement policy on your phone. On windows 5 I was able to put in a 4 digit pin and set it to only ask me for it after 24 hours of non-use. It also asked me for it on reboot. I keep my keypad locked because there's nothing I hate more than having my phone dial random people. To do this of course, I just held down the end key untill the screen locked. To unlock it, I just pressed the center button on the d-pad and the asterisk key. Everything was peachy.
Well in windows 6, they still require me to enter a PIN in and everything, BUT I cannot change the time in which it requires me to enter my pin to unlock. Additionally, every time I screen lock my phone I have to enter my PIN which is incredibly annoying.
Is there some sort of reg hack that I can fix this with?
Click to expand...
Click to collapse
Same issue here after upgrading from Samsung Blackjack 1 to a Blackjack II, WM6 and 1and1 Exchange server. On top of that, after configuring exchange, my phone also looses the menus quick access numbers. Very frustrating.... Anyone found a fix yet?
Thierry.
Whenever I enabled my Exchange work email account, the phone forces me to set a password which drives me nuts, because I have to then set the screen timeout to at least 2 minutes so I don't go mad typing in the password every time I reach for the phone. I found a lock delay app which works great, but only after I disabled Exchange, so the screen times out after a minute but only locks out after about 10 minutes - MUCH better.
I just can't use this with Exchange as the 'security policy' over-rides everything and drops me back to password lock out with screen time out.
Any thoughts?
Lock Picker
Search Android Market for an app called Lock Picker by Jeroen Brosens. That should solve your problem.
And the Exchange Security Policy won't override this?
cosmicharade said:
And the Exchange Security Policy won't override this?
Click to expand...
Click to collapse
As far as I know, no. Lock Picker runs as a service which completely disables the policy. I.e. the phone will be locked no more. Works like a charm on my Desire. However, if you at some point have the need to remove and re-add the account remember to disable the service while doing so.
I found a few applications but no app by the name of 'lock picker' - I Lock Delay is great though as it sets a lock out different to the screen timeout.
Ideally one would be able to delay the lock past screen time out, I don't mind using a password (prefer in fact) but it's annoying to have to re-enter a password every two minutes, otherwise the screen is left on if I set the timeout for longer.
You could try this :
If your company is enforcing exchange security policy regarding password , but you want to use the lock pattern (Gesture) instead then you can do the following:
1. Delete your exchange Setup on the phone.
2. Go into Security and setup a lock pattern.
3. Once that is done and tested readd your exchange account.
4. Download the app called LockPicker from Market place.
5. Go into the program and enable the Override.
6. Enjoy the new way of unlocking your phone.
Click to expand...
Click to collapse
i also had this problem... when i setup my company mail account that the phone forced me to enter a password ...
so i just installed LockPicker and it worked ... no password entry screen anymore
great app !
- kr
Had the same problem too.
I made a new unlock pattern first, added my exchange account, installed LockPicker and then uninstalled it, works like a charm
Ok so I've installed lockpicker and removed the forced password. If I remove this app now, I can go back to before with the Lock Delay app? Can I also run custom lock screens on top too that display info on the lock screen?
The ideal set up is delayed password protection, say 20 minutes, with screen time out to 2 minutes.
Anyone here tell me what the actual setting in the Exchange Active Sync profile causes this error? I am working with my IT group to get back access to the Exchange server that is currently locked out because of a missing security setting.
Microsoft dissed me, Samsung blames Exchange, Exchange peeps won't budge with out direction and I love my phone so I won't go back.
Thanks,
Brian
It has to do with security policies... It could be a number of things (I think on the older WM6 phones, sometimes it actually would tell you why)...
Your IT department should be able to look at logs on their side to find out why it's not being passed...
Keep in mind, this could be something as easy as you not having a pin password when you use your phone (phone lock). But if your IT department have changed default settings, it could be something more complicated.
First off, I would set a phone lock password, and try setting up the sync. If that doesn't work, you'll have to wait for your IT department.
Zhariak said:
It has to do with security policies... It could be a number of things (I think on the older WM6 phones, sometimes it actually would tell you why)...
Your IT department should be able to look at logs on their side to find out why it's not being passed...
Keep in mind, this could be something as easy as you not having a pin password when you use your phone (phone lock). But if your IT department have changed default settings, it could be something more complicated.
First off, I would set a phone lock password, and try setting up the sync. If that doesn't work, you'll have to wait for your IT department.
Click to expand...
Click to collapse
Thank you for the response. I have tried several gyrations of password before Exchange add, Exchange delete and reinstall, number of things. The real puzzling thing is that the settings they have shown me from screen grabs are all supported by WP7. I posted the error code on the Windows Phone boards at MS and no response yet. I have seen other codes for security issues, this one seems to be a lot more obscure. I was hopping someone could bust out a decoder ring so I could just tell our IT guys what to do (pretty common).
I told them about being able to circumvent the password lock in Win6.5 with a simple registry edit, blew their minds.
IT found the fix, sort of. They rebuilt the security policy as part of an another user issue and the phone syncs correctly. Apparently, importing the security policy from Exchange 2003 into 2010 brings along some baggage.
Still no clue what actually caused it, but if anyone else around the web finds this thread because of the error code, ask your peeps to rebuild the policy. They will have other issues besides yours, eventually.
Hi!
I have a corporate app installed on my desire, which requires a screen lock with password to be enabled, and i can't seem to find a workaround, so the password stays
The only thing i can think of is to increase the timeout, until the phone gets locked, and i need to insert the password.
And here comes the problem. In my previous ROM, the maximum timeout was 15 minutes, and in my current ROM, there is no such option, to set a timeout, the phone locks right wenn i turn off the screen.(and i can unlock it only with the password...)
So here's the question: how can i set this timeout to more than 15 minutes. Where is this setting stored ?
I already googled, and found nothing. I was digging with sqlite3 in /data/data/com.android.providers.settings/databases/settings.db, but i can't find this. Maybe it is more hardcoded ?
Please help me! This thing is killing me!!!
Well if your device is payed and given to you by your employer he has the right to put some restricting software on it (although I've never heard of such an android).
And what is this corporate app? Is it developed by your company, if it's strictly for use within the company, then no other one, besides the people in the company would know whether it has a function for more than 15 min timeout.
If you have permissions to install apps see if "No Lock" from the market works.
3722 said:
Well if your device is payed and given to you by your employer he has the right to put some restricting software on it (although I've never heard of such an android).
And what is this corporate app? Is it developed by your company, if it's strictly for use within the company, then no other one, besides the people in the company would know whether it has a function for more than 15 min timeout.
If you have permissions to install apps see if "No Lock" from the market works.
Click to expand...
Click to collapse
It is my own phone, the software is developed by my company. It installs a policy,that requires a phone lock password to be set. In the system... This lock can have a timeout, but maximum 15 minutes. I'd like to change this to 2hours or even a day. But there is no such option in the GUI, this is why I want to find where this setting is stored in the system.
I think you may have configured your Microsoft Exchange email on your phone. If you do that then the IT admins have the right to enforce a lock screen after 15 minutes. I have the same problem. Unfortunately there's nothing you can do about it, except look for a software that can over-ride the lock-screen.
There used to be a software called LockPicker. But I heard it does not work with Froyo anymore. So my suggestion is that either learn to live with it, or look for an overriding software
drumster said:
I think you may have configured your Microsoft Exchange email on your phone. If you do that then the IT admins have the right to enforce a lock screen after 15 minutes. I have the same problem. Unfortunately there's nothing you can do about it, except look for a software that can over-ride the lock-screen.
There used to be a software called LockPicker. But I heard it does not work with Froyo anymore. So my suggestion is that either learn to live with it, or look for an overriding software
Click to expand...
Click to collapse
Yes, I found this thread also,and that setting is stored in that database I mentioned in the first post. The problem is, in my case it is not exchange. It is a different story.
There must be a solution for this. I mean if there is a setting in the GUI, then it must be stored somewhere! And it must be possible to change it...
It sound like they use a crypto-software or ssl certificate, if you bypass it or try to bypass it.
Your phone can be locked or not fully functional, and your it admins will be angry
I think there is a little misunderstanding here. Let me rephrase my question!
Does anyone know how to set the "lock phone after" time in the security settings menu of the phone to a value higher than 15 minutes?
If you don't see that option, then you are using a sense-less rom. I found it only in roms using sense.
It is a system setting, not an application password. I will try to create screenshots today, so you can see what I mean
TESTED ON MANGO, AND WORKED FINE
Gentlemen,
I have found the reg key in some posts to disable the lock code for the windows phone, if you have configured the exchange e-mail account in Phone.
I was unable to view the specific reg key in normal registry editor. So I have converted the reg key to an xap file by using provxml method. And you can apply the key even if you don't have the registry editor app installed on your device.
Steps:
1. Deploy the xap file to your developer unlocked device.
2. Launch the app.
3. Tap on the green button, it should gibe you a success message.
4. Uninstall the app.
5. It may require to restart the device, since this is a registry change.
5. U r done. Now u will be able to turn off your phone security code even if you have configured the exchange e-mail account in your phone.
I have tested on my chevron unlocked HTC HD7, and it is working fine.
Hope some one will be looking for this.
Note: it's recommended to keep your phone with lock code enabled, but sometimes we need to keep the phone unlocked for some reasons.
If you install this xap, it will enable another wonderful feature..
By default, the 10 invalid attempts will erase ur phone. But after you install this xap, the password will be locked out for 1 min after 5 invalid attempts. Then after each attempts, the lockout time will double. I have tried untill the phone lockedout for 64 minutes. Then I stopped trying with the invalid lock codes. It will help you to keep the data safe, if anyone play with the phone, especially kids.
Note: Please don't try after 5-6 attempts if the phone didn't get locked out, may be this not compatible on your device. You may lose your data. I applied this on my T-Mobile HD7, and it is working fine.
Hit thanks if you like my post..
Thanks
JAZEEL
So I just applied the registry change in your provxml, and it temporarily works,i.e. it enables the option in the lock and wallpaper screen to disable the password, but next time you sync email the policy is reenforced and you have to set a pin again.
Are you also changing the permissions to that reg key in your xap somehow? haven't got a machine with the dev tools handy to try the actual xap out.
benneh said:
So I just applied the registry change in your provxml, and it temporarily works,i.e. it enables the option in the lock and wallpaper screen to disable the password, but next time you sync email the policy is reenforced and you have to set a pin again.
Are you also changing the permissions to that reg key in your xap somehow? haven't got a machine with the dev tools handy to try the actual xap out.
Click to expand...
Click to collapse
I have tested myself, and it's a permanent solution. It's stays for ever. But I don't know what will happen if you reconfigure the exchange account..
Is there any way to keep a timeout for the lock? I find it very irritating to enter the unlock code every time the device wakes up
@OP, what is the reg key for the change? You must know that to make an XAP?
timmymarsh said:
@OP, what is the reg key for the change? You must know that to make an XAP?
Click to expand...
Click to collapse
This is the key which deploys through the xap..
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001023"=dword:1
Doesn't Work ...
Hi I tried this unlocker but it is not working for me every time I connect to the computer (Zune and Windows Phone Device Manager) it relocks and have to chevron unlock again.
Any suggestions?
Hello OP,
I have a Sprint HTC Arrive, I got the following message just trying to launch the xap file:
(WARNING)
(The carrier doesn't exist in database. Please contact your carrier for connection setting and go to Setting>cellular>edit
APN for further configuration.)
Theres no APN in my settings that I see, any help would be great, thanks
Striving said:
Hi I tried this unlocker but it is not working for me every time I connect to the computer (Zune and Windows Phone Device Manager) it relocks and have to chevron unlock again.
Any suggestions?
Click to expand...
Click to collapse
This is to disable the lock code on the phone if you have enabled the exchange account which will force to put the lock code.
To permanent developer unlock, please search in xda, someone already posted it before and I have applied that on my HD7.
purian23 said:
Hello OP,
I have a Sprint HTC Arrive, I got the following message just trying to launch the xap file:
(WARNING)
(The carrier doesn't exist in database. Please contact your carrier for connection setting and go to Setting>cellular>edit
APN for further configuration.)
Theres no APN in my settings that I see, any help would be great, thanks
Click to expand...
Click to collapse
I have checked on my HTC HD7 T-Mobile unlocked.. It's working fine..
Search for the reg key for your specific device, and if you find I will help you to deploy it on your device..
jazeelkk said:
This is to disable the lock code on the phone if you have enabled the exchange account which will force to put the lock code.
To permanent developer unlock, please search in xda, someone already posted it before and I have applied that on my HD7.
Click to expand...
Click to collapse
Thanks for the response funny a little while after I realized that is was for something other than the dev unlock. And happily I have gotten have way there I am unlock but have to make sure I remember to put phone in flight mode before connecting it.
rhn said:
is there any way to keep a timeout for the lock? I find it very irritating to enter the unlock code every time the device wakes up
Click to expand...
Click to collapse
i 2nd that!
jazeelkk said:
I have checked on my HTC HD7 T-Mobile unlocked.. It's working fine..
Search for the reg key for your specific device, and if you find I will help you to deploy it on your device..
Click to expand...
Click to collapse
Thanks for your response, the only reg i've ever found to disable the lock on my device is the one you posted and built into your xap file. For some reason the reg doesn't exist in my phone and I can't create it either.
Most likely why you put this together for us. But on my end here, I now have to app to my phone, once I go to launch it I get the message from my previous post, it just wont deploy/launch. Any ideas up i'm for trying.!!
Thank you,
The reg key is protected, so you can't browse to it, but you can still use a tool like advanced explorer to set it by manually specifying the full path and value to change.
I was able to set the value manually like this, but like I mentioned the value is set back automatically next time your phone sync's with exchange. The policy must get checked on every sync with exchange, and gets set back if your exchange server requires a PIN policy.
From what I can ascertain this XAP simply sets that value, so you would have to run this xap after every sync which isn't a great solution.
barrychon said:
i 2nd that!
Click to expand...
Click to collapse
I have tried it as mentioed in some old posts. But it is not working. Only thing I could do is to activate the ON/OFF button with this reg key, so that I can disable the code at any time.
I presume you guys know this already, but just for the heck of it.
You're bypassing a policy. A policy that's most likely you companies' policy. If you do lose your phone and people are able to access files or e-mails that are highly important and/or confidential, you could take the blame for leaking this information.
This could mean the company would sue you for all kinds of things, and it would be very much possible they would fire you. There is a reason the policy is enforced.
I can see why you want to disable the policy, but, as said, there is a reason your company wants that policy on a device that connects to their Exchange server and it's not to annoy you.
EvilWhiteDragon said:
I presume you guys know this already, but just for the heck of it.
You're bypassing a policy. A policy that's most likely you companies' policy. If you do lose your phone and people are able to access files or e-mails that are highly important and/or confidential, you could take the blame for leaking this information.
This could mean the company would sue you for all kinds of things, and it would be very much possible they would fire you. There is a reason the policy is enforced.
I can see why you want to disable the policy, but, as said, there is a reason your company wants that policy on a device that connects to their Exchange server and it's not to annoy you.
Click to expand...
Click to collapse
You are right. I recommend to keep the phone locked always.
It meant for some situation, where we need the phone need to be stayed unlocked. Atleast we should have the option for it.
EvilWhiteDragon said:
I presume you guys know this already, but just for the heck of it.
You're bypassing a policy. A policy that's most likely you companies' policy. If you do lose your phone and people are able to access files or e-mails that are highly important and/or confidential, you could take the blame for leaking this information.
This could mean the company would sue you for all kinds of things, and it would be very much possible they would fire you. There is a reason the policy is enforced.
I can see why you want to disable the policy, but, as said, there is a reason your company wants that policy on a device that connects to their Exchange server and it's not to annoy you.
Click to expand...
Click to collapse
Thanks mum. But seriously...
I think this is a perfect example of a security policy being set which isn't realistic, so users find workarounds. Like when you mandate everyone has a 50 character password which has to be changed once a week, everyone simply ends up writing them down on post it notes.
The PIN code every time you want to use your phone is bloody annoying. It could improved to make it more useable, e.g.:
Only require a PIN if it's been more than 30 minutes since you last entered it.
Only require a PIN when accessing data in exchange like calendar/email.
Specify certain actions which don't require a PIN unlock, e.g. playing music or games.
Anyhow this is mostly irrelevant as this hack is only temporary and the setting reverts so that's a killjoy.
benneh said:
Thanks mum. But seriously...
I think this is a perfect example of a security policy being set which isn't realistic, so users find workarounds. Like when you mandate everyone has a 50 character password which has to be changed once a week, everyone simply ends up writing them down on post it notes.
The PIN code every time you want to use your phone is bloody annoying. It could improved to make it more useable, e.g.:
Only require a PIN if it's been more than 30 minutes since you last entered it.
Only require a PIN when accessing data in exchange like calendar/email.
Specify certain actions which don't require a PIN unlock, e.g. playing music or games.
Anyhow this is mostly irrelevant as this hack is only temporary and the setting reverts so that's a killjoy.
Click to expand...
Click to collapse
Lol, you have a point, but or colleague above is quite correct, the policy is enforced for a reason. At my company, such an offense can mean instant dismissal
(if you use exchange for just calendar and contacts, as i do, a pin is not required to unlock, the policy is only enforced for email strangely enough....)
I agree the Pin should be how it was in WM 6.5 where you could have it only ask after 2 hours or evey 24 in some cases. That way if was a good balance. This business of requiring the PIN every time you look at your phone is crap. I have removed it from my droid device and I am fornunate that my company will not hassle me over it. Still though its a bunch a crap to enter it every 5 minutes.