"Set Maximum Password Attempts" set, but users can change?
 

As subject really.

On our BES Express I have the following set:

Device Only
User Can Disable Password No
User Can Disable Password No
User Can Change Timeout No
Password Required Yes

Password
Suppress Password Echo No
Set Maximum Password Attempts 10
Set Password Timeout 30

On my Blackberry if I go to Options/Password I can't disable the password, and I can't change the timeout (they both show a padlock), but I can change the number of password attempts.

I expected it to be grayed out and padlocked - am I missing something?

Thanks in advance.

Re: "Set Maximum Password Attempts" set, but users can change?
 

Can you set it at more than 10?

Re: "Set Maximum Password Attempts" set, but users can change?
 

Heh.. no and when you put it like that I guess it's not an issue if they can only make it more restrictive.

I guess I'm used to Windows Group Policy where if you set something to "10" that's that, it's just "10".

Re: "Set Maximum Password Attempts" set, but users can change?
 

this isnt windows

Re: "Set Maximum Password Attempts" set, but users can change?
 

True, be nice if the policy guide PDF explained it though, and I don't think it does.

It's actually a good way of doing things IMO if you give the user the choice to make it more restrictive but not less than you'd settle for.

Re: "Set Maximum Password Attempts" set, but users can change?
 

You can also allow them to set the timeout to less than the maximum as well. I forced everyone down to 30 minutes and then quietly raised the limit to 1 hour. Those that complained the most, I told them how to adjust it ;)