Enable Long-Term Timeout and Periodic Challenge Time

01-12-2009, 05:41 PM
Proprietor
Join Date: Nov 2008
Location: Atlanta, GA
Posts: 2,032
Does anyone else have these options enabled in your password policy? Enable Long-Term Timeout is a session-based timeout that will lock the device regardless of inactivity (it can invoke a lock if you are in mid-sentence typing). This is based on when the device was unlocked. The Periodic Challenge Time is used to define this timeout (which is 60 mins by default).
Needless to say, some users are less than happy about these being set (to 60 minutes), so I'm curious what others are doing or have done in the past with regards to these options (or if you have them enabled). Thanks.
__________________
BCSA (4.1, 5.0) | BCSD (4.1, 5.0)
The views expressed by me on Port3101.org are my own and do not necessarily reflect the views of my employer.
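A small model of the two timers described in the post above, as an added example that is not part of the thread and is not BlackBerry's own logic. It assumes whole-minute timestamps and a user who re-enters the password at the first touch after a lock; `lock_events`, its parameters and the usage trace are hypothetical and constructed.

```python
from typing import List, Optional, Tuple


def lock_events(activity: List[int], inactivity: Optional[int],
                periodic: Optional[int]) -> List[Tuple[int, str]]:
    """Return (minute, reason) for each lock the user runs into.

    activity   -- sorted minutes at which the user touches the device;
                  the device is assumed unlocked at activity[0]
    inactivity -- idle minutes before the device locks, None if disabled
    periodic   -- minutes after an unlock before a forced lock (the
                  Periodic Challenge Time), None if long-term timeout is off
    """
    locks = []
    unlocked_at = last_touch = activity[0]
    for t in activity[1:]:
        deadlines = []
        if inactivity is not None:
            # Idle timer restarts on every touch.
            deadlines.append((last_touch + inactivity, "inactivity"))
        if periodic is not None:
            # Session timer restarts only when the device is unlocked.
            deadlines.append((unlocked_at + periodic, "periodic"))
        if deadlines:
            when, reason = min(deadlines)
            if t >= when:
                locks.append((when, reason))
                unlocked_at = t  # assumption: password re-entered right away
        last_touch = t
    return locks


# Constructed trace: one touch per minute for three hours (continuous use).
TYPING = list(range(0, 180))

if __name__ == "__main__":
    # Settings taken from the thread: (inactivity, periodic) in minutes.
    for label, idle, challenge in [("60 idle only", 60, None),
                                   ("60 idle + 60 periodic", 60, 60),
                                   ("15 idle + 15 periodic", 15, 15)]:
        events = lock_events(TYPING, idle, challenge)
        print(f"{label}: {len(events)} locks during active use -> {events}")
```

Locks that would fire after the last touch in the trace are not reported, since nobody is there to be interrupted by them.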

01-12-2009, 05:46 PM
Super Moderator
Join Date: Dec 2008
Location: Long Island
Posts: 232
In my opinion, those policies are way too strict for typical corporate use.
We tried them with a small group of power users and they wanted to shoot themselves as a result of the frustration.
There's definitely a point where productivity begins to be seriously hindered by security. These policies, for us, pushed our users over that line for sure.
Government agencies and organizations with REALLY sensitive data will probably be the only ones who really need this type of security.

01-13-2009, 08:33 AM
Wireless Sith Lord
Join Date: Jan 2009
Location: Online
Posts: 27
No long-term or periodic timeout here for my folks. We have the 60 minutes of inactivity enabled. Yeah, 60 minutes is a looooong time, but I have documented my opposition to it several times to senior management. This was their *final* decision. Since I'm just the Admin and not a Manager, I have to go along.
__________________
DarthBBerry
BES Admin & Wireless Sith Lord
WES 2007, 2008, 2009 Survivor

01-13-2009, 09:32 AM
BES Expert
Join Date: Jan 2009
Location: Alabama
Posts: 82
We use the long term timeout at my place. Otto, be happy with 60 minutes. We have it set for 15 minutes. (Oddly enough the rules say we have to have the inactivity lock out at 15 minutes as well). So every 15 minutes whether you like it or not the BB locks and you get to retype your password. You would think with all that practice typing their passwords my users would never forget their passwords and wipe their devices. Yeah, right.
__________________
AUTIGER92
Exchange\Blackberry Admin
4 - BES Servers (4.1.6), 3 Exchange Organizations,
~1800 BB Users, and a headache.
War Eagle!!

01-13-2009, 10:21 AM
Wireless Sith Lord
Join Date: Jan 2009
Location: Online
Posts: 27
Quote:
Originally Posted by AUTiger92
...You would think with all that practice typing their passwords my users would never forget their passwords and wipe their devices. Yeah, right.

You're starting to sound a lot like me!
__________________
DarthBBerry
BES Admin & Wireless Sith Lord
WES 2007, 2008, 2009 Survivor

01-13-2009, 10:41 AM
BES Expert
Join Date: Jan 2009
Location: Alabama
Posts: 82
Need a whole thread on users' stupid blunders.
__________________
AUTIGER92
Exchange\Blackberry Admin
4 - BES Servers (4.1.6), 3 Exchange Organizations,
~1800 BB Users, and a headache.
War Eagle!!

01-13-2009, 10:47 AM
Proprietor
Join Date: Nov 2008
Location: London, UK
Posts: 1,046
Quote:
There's definitely a point where productivity begins to be seriously hindered by security.

Agreed. I go for a timeout of 10 minutes before a lock which requires a password afterwards to get back in. 6 incorrect password attempts and your device gets killed. I also have a password list of denied passwords which I enforce (obvious stuff like qwerty, BlackBerry and the big common one...in the case of Pearls.... T - G - B - Spacebar).

Quote:
Need a whole thread on users' stupid blunders.

Thread...whole forum more like!!!!
__________________
Si MCTS
Co-Owner
Port3101 - Your BES Connection
Don't forget, you can follow us on Twitter
The views expressed by me on Port3101 and its affiliated sites are my own and do not necessarily reflect the views of my employer.

01-13-2009, 11:28 AM
The knotty A D M I N
Join Date: Jan 2009
Location: Mass
Posts: 103
Quote:
Originally Posted by AUTiger92
Need a whole thread on users' stupid blunders.

I don't think a 1000 clustered server farms could hold all that content.
__________________
------------------------------------------------------
Torch 9800 on BES 4.1.6 MR7, Exchange 2003, SQL 2005.
WES 2009-2010 Survivor

01-13-2009, 11:28 AM
BES Expert
Join Date: Jan 2009
Location: Alabama
Posts: 82
We let the user have 5 attempts before an incorrect password wipes the device. Plus, the user does have two opportunities to type the word "blackberry" as well. You probably wouldn't be surprised at how many users type their password in when it's asking for the word "blackberry" and can't figure it out.
__________________
AUTIGER92
Exchange\Blackberry Admin
4 - BES Servers (4.1.6), 3 Exchange Organizations,
~1800 BB Users, and a headache.
War Eagle!!

01-13-2009, 12:12 PM
Wireless Sith Lord
Join Date: Jan 2009
Location: Online
Posts: 27
Quote:
Originally Posted by AUTiger92
We let the user have 5 attempts before an incorrect password wipes the device. Plus, the user does have two opportunities to type the word "blackberry" as well. You probably wouldn't be surprised at how many users type their password in when it's asking for the word "blackberry" and can't figure it out.

Mine try to add in the quotes around the word blackberry and wonder why it still won't work. They can figure out how to type in quotes when it's not needed but can't type a friggin number?!
__________________
DarthBBerry
BES Admin & Wireless Sith Lord
WES 2007, 2008, 2009 Survivor

06-18-2010, 01:21 PM
BES Activated
Join Date: Jun 2010
Location: St. Louis, Missouri
Posts: 1
Security timeout set to 30m on the device, max via policy is 60m. Long-term timeout is enabled and should be 90m, via "Periodic Challenge Time" setting. I've witnessed timeouts inside of 10 minutes, but this is limited to only 9000 devices. Anybody experienced similar?

07-14-2010, 10:29 PM
BES Expert
Join Date: Mar 2009
Posts: 105
Somebody was asking about this today. I didn't even know this existed. I was like you are getting a password prompt during active use? Wow.