iOS Passcodes
iOS passcodes provide a mechanism to link a virtual session to a registered iOS device. A passcode is shown within the virtual session during the initial remote connection. That passcode must then be entered within the deviceTRUST Client Extension for iOS for the connection to be established. Passcodes are unique to your organisation.
Passcode complexity and expiry
The passcode complexity and expiry can be changed within Mobile Settings. The passcode complexity controls the number of digits within a passcode, and can be set to 3, 4, 5 or 6 digits. Smaller organisations may choose a smaller passcode complexity so that they are easier to remember. Larger organisations should choose a larger passcode complexity.
Passcodes remain valid for the passcode expiry time which can be from 30 seconds to 3 minutes. Shorter passcode expiry times gives the user less time to enter the passcode. Longer passcode expiry times give the user more time to enter the passcode. Once a connection has been established with the iOS device, or the passcode expires, then the passcode is removed from the system and may be reused for other connections.
Simplifying passcode entry with notifications
Organisations that issue a single iOS device to each user may associate each device with that user within the deviceTRUST Portal. Each device has the following fields that enable this:
- userName - The name of the user within Active Directory.
- userDomain - The name of the user domain within Active Directory.
- userPrincipleName - The user principle name of the user within Active Directory.
When a user logs in from an iOS device, a check is performed to determine if that user has a single device associated with them. The check is performed against the user name and domain, or the user principle name. If a single device is found, then a notification containing the passcode is sent to the device. If the user clicks on that notification, the passcode is automatically entered.
The user fields above can be automatically updated within the deviceTRUST Portal by deploying an MDM Managed App Configuration to the iOS devices.
Redirecting back to the remoting client
Once the user passcode has been entered, the deviceTRUST Client Extension for iOS can optionally redirect back to the remoting client. Within the Mobile Settings is a Success Link field which is opened whenever the properties of the iOS device have successfully been sent to the deviceTRUST Agent. The Success Link control contains predefined values for Citrix Workspace, Microsoft Remote Desktop and VMware Horizon Client.