Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1346
  • Last Modified:

Invalid password message on BlackBerry device

BlackBerry devices are set through BlackBerry Administration Service policy running from BlackBerry Enterprise Server Express version 5.0.2.29. At times, the device does not recognize the password set by the User (getting "invalid password") - the policy is set to allow 10 password attempts. The User continues to enter password reaching sometimes 6/10 attempts. Then, gets prompted to enter the generic (initial) password set when the device was setup to "continue". Eventually, (usually) before the 10 attempts the User's password gets accepted.

Not sure if this is associated with when a remote password change takes place from the BlackBerry Administration Service. It appears it may be associated with the devices that have received a remote password change.

Has anyone seen this and know why the User is getting invalid password when entering it correctly on the device? And, why they get prompted for the generic/initial password to "continue" attempting to enter their User password?
0
BrownCountyIS
Asked:
BrownCountyIS
  • 3
  • 3
  • 3
  • +1
1 Solution
 
Mike SullivanDirectorCommented:
Hi BrownCountyIS,

Firstly, the 'generic' password. If you are constantly entering incorrect passwords, when you hit 10 attempts, the device will wipe. If you have left the device in your pocket unlocked, it would be irritating to take it out of ypour pocket and find it wiped. To counter this, the Blackberry will start to prompt you with increasing regularity to enter the word 'blackberry' before you can have another password attempt. Theoretically, this stops you from 'accidentally' wiping your BlackBerry.

Secondly, the user entering the password incorrectly. The more complex the password, the more likely there is to be a transcription error when entering it. Using the wrong 'Shift' key will swap a capital letter for a number or character. I suspect that the user may be typing the password incorrectly. Try using a simplified password with repeated characters (e.g. qaqaqa) and see if they have the same problem.
0
 
BrownCountyISAuthor Commented:
The "generic" password issue was not in a pocket or holster when this has occured. Too, entering a  password is set (Maximum Security Timeout = 30 min.) (Long-term Timeout = 60 min.) and is requiring a password be entered prior to the 30 min.

MikeTheRelic - is the "enter the work "blackberry" before you can have another password attempt something that is standard and built into BlackBerry devices?

It is not an issue of entering the User's password incorrectly - complex and less complex password entry was tested.
0
 
Mike SullivanDirectorCommented:
Hi BrownCountyIS,

The process that requests the word 'blackberry' to be typed before allowing another attempt at entering the correct password is a standard for BlackBerry handsets and cannot be changed or removed. Entering 'blackberry' will not unlock the handset. It is not a substitute for entering the correct password. It is just there to prevent the incorrect password being entered 'accidentally' too many times. The 'BlackBerry in the pocket' that I referred to was intended as an example only of why it was implemented as a standard.

Mike
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
BrownCountyISAuthor Commented:
Thank you Mike for explaining the request by the device to enter "blackberry". Administering BES is brand new.
0
 
RobMobilityCommented:
Hi,

Are you sure you want to configure the Long Term timeout - this will lock the device irrespective of user activity and will be irritating to end users.

Regards,


RobMobility.
0
 
Shabarinath RamadasanInfrastructure ArchitectCommented:
If you set device password from the BES console, Device will prompt a message which says that administrator made that change.

Also, you could suspect keypad issues where some keys are not working or another key is also getting punched along with the intended key.

Goodluck
Shaba
0
 
BrownCountyISAuthor Commented:
"RobMobility-Are you sure you want to configure the Long Term timeout - this will lock the device irrespective of user activity and will be irritating to end users".

Settings are (Maximum Security Timeout = 30 min.) (Long-term Timeout = 60 min.) The BlackBerry devices are requiring a password entry constantly while active or during  inactivity - which is irritating as you say - is the Long-term Timeout causing not to wait at least 30 minutes before requiring the User to enter a password? Trying to configure so the User must enter a password after 30 minutes of inactivity.  
0
 
RobMobilityCommented:
Hi,

I suggest you set something like the following (These are for BES rather than Express so you will not have all of the options available to you):

Device Only Items

Password Required: Yes
Minimum Password Length: 6, 9 or whatever length you require
User can disable password: No
Maximum Security Timeout: 15 [minutes] (for example)
Password Maximum Age: 30 days (for example) - make this consistent with your desktop policy
User can change timeut: No
Password Pattern Checks: suggest 2 (this can be used to enforce numbers, letters and special characters in the password)

Password Policy Group

Set Password Timeout: 15 mins (set this to the value of the maximum security timeout)
Set Maximum Password attempts: 5 (for example)
Suppress Password Echo: Yes
Maximum Password History: 15

Security Policy Group
Force Lock When Holstered: Yes
Resert to Factory Defaults on Wipe: Yes

Hope this helps - please adjust settings as required.

Happy to help further - please let me know.

Regards,


RobMobility.
0
 
RobMobilityCommented:
Hi,

The LongTerm timeout is the one that is causing the device to lock even when the user is using it.

Regards,


RobMobility,
0
 
Mike SullivanDirectorCommented:
Hi browncounty,

Did you resolve your issue with BES?
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 3
  • 3
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now