We help IT Professionals succeed at work.

How can IForce authentication on iOS MS Exchange accounts.

Shurik6 asked
Hello. I have been playing with Mobile device policies and it seems to be that it all wraps around the entire iOS device.  Specifically passwords. I am not looking to lock down the entire device, I am just trying to force  iPhone users get prompted for their Exchange Password each time they try to check their email. I realize that we can un-check the box to remember password for Exchange account, but the end user may go in and check it back to remember. Is there a way I can force Exchange authentication each time a user checks their exchange email on their device?   Locking down the entire device doesn't make sense as each user carries their personal phones. If these phones were company issued this wouldn't be a problem. Thank you!
Watch Question

Manpreet SIngh KhatraSolutions Architect, Project Lead
Top Expert 2013

Not sure if this can help your cause

iPhone in Business

- Rancy


Thanks Rancy, but this is a general overview of iPhone support for Exchange. It doesn't answer my question whether I can lock down JUST the Exchange account on the device and force users to authenticate with Exchange each time they check their mail. I don't want to lock then entire phone. Basically, looking for alternatives to services such as good.com which installs an app that does just that.
Shurik6 there is no way of doing this that I know of.  We use TouchDown on Android devices which would give this kind of functionality, but it isn't available on iOS and to be honest isn't likely to ever be as the iOS Mail client is generally seen as a good user experience and is inherently very secure, whereas the Android OS has some limitations that created the market for the likes of TouchDown.

I guess the question would have to be asked why you want to do this?  You mention Good and one of the reasons Good is heading into decline is for the very fact that it isn't the native iOS client with the simple and consistent Apple user experience.  It's also worth mentioning that without an unlock code set on the device Data Protection will not be enabled so the mail client will not be sufficiently encrypted and secured - ie. for business use it would be ill-advised not to have an unlock code set on device, in which case having another one set for the mail client probably wouldn't be necessary.

Hope that's of some use, I work for a company that sells MDM products and advises on smartphone usage in business so conversations like this come up a lot :)