[Superfly_FR]

Important

Suggestions made bellow should not be applied unless you know/understand the security risks implied. They are intended to provide a fast and dirty workaround and should not be considered as a valid solution in the long term. They are also specific to the Office365 environment and the 10.2.1.1055 OS leak

I was frustrated as I wasn't able to use picture password (I love this feature) on my Z30.
Sniffing around in the forums, I learned that it was unavailable for ActiveSync users.

I'm quite a rookie with Exchange admin, yet I knew mobile devices were handled via policies.
In office365 you can access these policies and set a bunch of parameters.
The topmost of these is the mandatory password.
Don't rush : please read ALL.

If you disable this mandatory password, picture password will work.

Please remember by doing so at the general policies level you basically cancel every control over the device(s). This IMHO is an absolute no-go; you have to set it for a (your) particular device only. By disabling password requirement, here are the inherited effects:
- No more device password required (obvious)
- No more password policy (length, strength, lifetime)
- No more encryption requirement

Therefore, I won't give you a "howto step by step guide" because I cannot cover all the aspects of a/your security strategy and don't want to make you potentially mess up everything in your settings.

Anyways, if you're at least a bit familiar with Office365/Exchange and have the credentials to perform these actions, this shouldn't be a problem.
In simple words, this is what you have to do
1. Create a Mobile Strategy (Policy ?) that does not require a device password and DO NOT set it as default
2. Apply this strategy to the device(s) you want to use with picture password.

Last but not least: disabling this parameter has no real effect on security because it won't forbid you to use (strong) password or crypt your device within the phone settings. It will just not apply to new devices if set as a general default policy. Yes, I could have started from here, but are you sure you'd have read the all post ?

[Eng.KoD]

even though I am a system admin I cannot just go and do that as this is my personal device.

is there a work around on the "device" itself instead of playing with company policies?

[Superfly_FR]

even though I am a system admin I cannot just go and do that as this is my personal device.

is there a work around on the "device" itself instead of playing with company policies?

Not that I'm aware of ... sorry.

[Graheem]

Thanks for this article, I got my Exchange specialist to implement this for me and it's great! Love Picture Password. Now BBRY just needs to fix this so it can be part of polices, as the iOS finger print is. This will be popular with users I think as it makes it so easy, yet so secure, especially for those in viewing proximity.

[lotuslanderz]

Just curious --
With iOS7 and the iPhone 5s, you can unlock the phone with your fingerprint even for work Exchange ActiveSync (where you need a 5-digit code). Can a similar work-around be used for picture password?

[Superfly_FR]

Just curious --
With iOS7 and the iPhone 5s, you can unlock the phone with your fingerprint even for work Exchange ActiveSync (where you need a 5-digit code). Can a similar work-around be used for picture password?

It is very likely that once out of the "leak" state, this feature will integrate compliance with major standards, Exchange/ActiveSync being obvious.

[lotuslanderz]

It is very likely that once out of the "leak" state, this feature will integrate compliance with major standards, Exchange/ActiveSync being obvious.

Would definitely like to see that!

Posted via CB10

[schwede]

Is there any update on that issue?
Now that 10.3.1 is out it seems that it is still not possible to use the picture password if ActiveSync is used.