Some iPhone devices are not wiped when the number of failed attempts exceeds the 'maxFailedAttempts' property of the password policy

Hello,

I am testing Configuration Profiles' Passcode policy in an MDM environment. After setting the 'maxFailedAttempts' property to 5 and deploying the Passcode payload via MDM to iPhones, some iPhones are not wiped after exceeding 5 failed passcode attempts. Could you please advise on the possible reasons for this issue?

Devices affected: iPhone 11 (iOS 16.4.1), iPhone 12 mini (iOS 16.5).

Answered by Device Management Engineer in 797655022

Apple devices record each time there is a failed passcode attempt. However if someone enters the exact same incorrect passcode consecutively, it only counts as one failed attempt. Sometimes people who verify the behavior of the maxFailedAttempts policy test it by repeatedly entering the same passcode, so they run into the issue you describe. I suggest retesting with this behavior in mind.

Please file feedback and attach a sysdiagnose from an affected device.

Accepted Answer

Apple devices record each time there is a failed passcode attempt. However if someone enters the exact same incorrect passcode consecutively, it only counts as one failed attempt. Sometimes people who verify the behavior of the maxFailedAttempts policy test it by repeatedly entering the same passcode, so they run into the issue you describe. I suggest retesting with this behavior in mind.

Some iPhone devices are not wiped when the number of failed attempts exceeds the 'maxFailedAttempts' property of the password policy
 
 
Q