Through Primo, it is possible to enforce the minimum length, required complexity (uppercase letters, numbers, special characters) as well as the frequency of change for session passwords.
Session password renewal is managed by FleetDM and is triggered in two situations:
- When settings are modified in Primo MDM
- A check is performed every 7 days on the device
This feature applies to both PIN codes and traditional passwords.
On MacOS
- Renewal: The system does not require an immediate password reset when this feature is activated but is based on the date of the last modification. Password renewal will then be requested at regular intervals according to the requested configuration.
- Robustness: The system does not require an immediate reset but applies at the next password renewal. You can therefore combine renewal and robustness to ensure a quick update of all session passwords.
This feature is available on macOS 13 and later versions, except for macOS Sonoma 14.0 to 14.2 inclusive.
On Windows
- Renewal:
- PIN: The system forces the PIN update at the next login if it does not comply.
- Traditional passwords: The system does not require an immediate password reset when this feature is activated but is based on the date of the last modification. Password renewal will then be requested at regular intervals according to the requested configuration.
- Robustness: The system does not require an immediate reset but applies at the next password renewal. You can therefore combine renewal and robustness to ensure a quick update of all session passwords.