Applies to: Exchange Server 2007
Topic Last Modified: 2007-06-11
Use the Password page in the Exchange ActiveSync mailbox policy properties to set password requirements for Microsoft Exchange ActiveSync clients.
To use Exchange ActiveSync to synchronize mailbox data requires that the user authenticate to the server that is running the Client Access server role over HTTPS. After the connection is established, all information passes between the mobile device and a user's mailbox through the Client Access server.
You can create an Exchange ActiveSync mailbox policy to configure a variety of security options for users. In addition to password requirements and settings, you can specify the types of devices that can connect to the server that is running Microsoft Exchange Server, whether attachments can be synchronized, and whether users can access information that is on Windows SharePoint Services sites from their mobile devices.
- Require password
Select this option to require a password for the device. If passwords are required, select from the following options:
- Require alphanumeric password Select
this option to specify that the device password must include
non-numeric characters. Requiring non-numeric characters in
passwords increases the strength of password security.
- Enable password recovery Select this
option to enable password recovery for the mobile device. Users can
use Outlook Web Access to look up their recovery password and
unlock their device. Administrators can use the Exchange Management
Console to look up a user's recovery password.
- Require encryption on device Select
this option to require device encryption. This increases security
by encrypting all information on the storage cards for the
- Number of failed attempts
allowed Select this option to limit the number
of failed password attempts a device accepts before all information
on the device is deleted and the device is automatically returned
to the original factory settings. This reduces the chance of an
unauthorized user accessing information on a lost or stolen device
that has a device password.
- Minimum password length Select this
option to specify a minimum password length for the device
password. Long passwords can provide increased security. However
long passwords can decrease device usability. A moderate password
length of four to six characters is recommended.
- Time without user input before password must be
entered When a device password is required,
you can select this option to prompt the user for the password
after the device has been inactive for a specified period of time.
For example, if this setting is set to 15 minutes, the user must
enter the device password every time that the device is idle for 15
minutes. If the device is idle for 10 minutes, the user would not
have to re-enter the password.
- Require alphanumeric password Select this option to specify that the device password must include non-numeric characters. Requiring non-numeric characters in passwords increases the strength of password security.
For More Information
For more information about Exchange ActiveSync, see the following topics: