I would like to get a poll of companies that require passwords on users handhelds via an IT Policy. Please list the name of your company if your company requires passwords.
Thanks

Sorry, I don't think so. Yes the company I work for does require a password.

Yes, our company requires a password, and sorry, I won't list what company it is.

Why not? All I want to know is the name of your company if they require passwords on your handhelds. The reason I ask is because my company is looking at requiring users to have a password on their handhelds and the execs want to know what other companies require passwords in case of user pushback.

yes my company requires passwords - they'd be very foolish not to.

But I am not stating who I work for in an open forum such as this where my companies IT policy and security settings might be discussed in depth too.

I'll just say that my company is in the manufacturing business and is a global company.

We require passwords to help keep the data on the device secure in the event that the device is lost or stolen. Also, we have MDS enabled, which allows users to get to our INTRAnet, and that is also something we don't necessarily want someone to get their hands on should they steal/find one of our company devices.

The password criteria is not a strict as some other places - the minimum length is 6 characters and must contain at least 1 number and 1 letter. Users are allowed to extend the timeout to 1 hour, have to change their password every 90 days, and can't reuse the last 7 passwords.

Because no one needs to know where I work. Simple as that. What I will can you is that I work for a Fortune 100 company.

Ditto

Our BlackBerry passwords are even more relaxed than that. Minimum length is 4 characters with no complexity requirements. Timeout is set to the of 1 hour, but the user can lower if desired. Password never expires and they can reuse previous password. With the device completely erasing everything after 10 log in attempts the risk is minimal.

Ok since no one wants to post the name of their company on the forums would it be possible for you to email me the name of your company? If so please do so at jeremygroh @ msn . com
Just remove the spaces from the address
Thanks

If you get any emails I'll be surprised. I don't see why the users can push back. If you lose your BlackBerry all that data and the connection to your intranet is there for the taking. If you have a password set all someone can do is wipe the handheld.

Yes - 4 character min.
Must be changed every so often -Not exactly sure but might be 2 months.
Can't reuse last 9 I think
20 min timeout that can't be changed- really pain on a long phone call cause I can't app switch.

Yes, 4 cahracters as well, 20 min timeout. Really kind of a pain, but understand the need....and it does protect me afterall.

6 character strong password required, timeout 30 min, and can not be extended by user, 30 day max password age, content protection enabled. As stated before, any company that doesn't enforce a password policy is foolish.

No dice on the company name from me either and bad form to be asking in the open like this. Could be construed as an attempted social engineering hack, especially in light of the recent vulnerability publication.

We require passwords and content protection

We require 4 character passwords, 60 min timeout. Can reuse, no char limits.

Yes, my company also requires passwords. They are requiring 8 character alphanumeric passwords with a time-out of 30 minutes and content protection. The password changes every 30 days and you cannot re-use the past 12 passwords in history. I am not at liberty to say what company either but it is a VERY large global corporation. We received push back from our execs on this very thing too but in this day in age, passwords should be this strict, especially on a portable device that can be easily stolen/lost.

We've only six users, two IT guys and six execs so we haven't required a password...yet. I have told them all that if they lose it to immediately contact me so I can lock it.

How? they don't have a BlackBerry any more

About you guys requiring complex passwords, I think that is overkill. It is very hard to brute force a 4 charactor alpha password with 10 tries. If you make the password complex you will just have to keep activating handhelds after these guys keep wiping them.

Good point. In addition, for those requiring content protection you also lose the ability of the administrator to reset the device password remotely.