• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

HUGE FRG22D Annoyance

phantom6294

Newbie
Aug 3, 2010
36
4
First, let me fully admit this is an annoyance to me. Second, let me fully admit this situation is 'as designed.'

As was indicated by Verizon, FRG22D made some changes that 'improved security.' In particular... the ability for Exchange admins to enforce security settings.

Well, I have a hosted Exchange account (personal email) with 1&1. Post manual update to FRG22D, I am now required to have a PIN code to unlock the phone. No unlock code and the pattern are not available. So, every time my phone comes out of 'sleep' mode, I have to enter my PIN.

Incredibly annoying... Ultimately, it's an issue to work out with 1&1 to see if this can be changed. I see no setting in the options presented to me in the OWA settings or in 1&1's XAdmin panel.

If anyone happens to know if this is easily changed... please let me know. Sorry for the partial rant, but I am incredibly annoyed. Yes... annoyed at security.
 
First, let me fully admit this is an annoyance to me. Second, let me fully admit this situation is 'as designed.'

As was indicated by Verizon, FRG22D made some changes that 'improved security.' In particular... the ability for Exchange admins to enforce security settings.

Well, I have a hosted Exchange account (personal email) with 1&1. Post manual update to FRG22D, I am now required to have a PIN code to unlock the phone. No unlock code and the pattern are not available. So, every time my phone comes out of 'sleep' mode, I have to enter my PIN.

Incredibly annoying... Ultimately, it's an issue to work out with 1&1 to see if this can be changed. I see no setting in the options presented to me in the OWA settings or in 1&1's XAdmin panel.

If anyone happens to know if this is easily changed... please let me know. Sorry for the partial rant, but I am incredibly annoyed. Yes... annoyed at security.

cant you go into settings and change it? Not sure if you tried this but if you did then not sure what you can do
 
Upvote 0
cant you go into settings and change it? Not sure if you tried this but if you did then not sure what you can do

To what settings might you refer?

Under 'Settings' --> 'Location & security' --> 'Screen Unlock' --> 'Change screen lock' yields:
None - Disabled by remote phone administrator
Pattern - Disabled by remote phone administrator

Under 'Device Administrators' if I deactivate the the device administrator, I get an error the next time my email tries to sync, indicating it requires security features and request to reactive the device admin.

Under the email account settings... I see now settings related to security.

Is it best security practice to have some kind of protection on the phone... sure, but I'm not in a 'corporate' type of environment with strict policy about protecting information. It's just my personal email. I guess that's the price I pay for a hosted Exchange account.
 
Upvote 0
There is a workaround to this issue floating around the internet if you are rooted. It involves using the terminal emulator and a few lines of code, I have not tried it yet, but I hear it works fine.

There is also an app out on the market that you can download called Lockpicker that allows you to get around this, but it only works for 2.1 and older versions of android. I heard the Dev was working on a 2.2 version, haven't heard anything lately though.
 
Upvote 0
Yes I have something different where a email came in about 10 times in a matter of 5 hours from our exchange server (we have exchange 2010) and when you opened it only the 1st time it open like a program like if it was on in install screen with the options on the bottom ACCEPT or DENY. Pretty much asking you do you agree to allow the Administrator of the Exchange server to wipe data, change settings, force lock on phone, and the fourth option I don't remember.

What I'm getting @ phantom6294 is that the option you have has to be changed on the exchange server because it's there. Ask you admin to change it and that "annoyance" will be gone. The option to turn it off is definitely there. Because we have that option turned off and it doesn't happen to me. Hope this helps.
 
Upvote 0
I hope this helps. Those of you using the stock email, and are on an exchange server, may want to consider using Touchdown. Granted my company operates with the highest security standards. After my update I received a notification that my company needed to install software that would require a password each time my screen went to sleep. Since I use Touchdown I refused it. I called a guy in ou tech dept. and he advised to refuse it as it was only for the stock email app. Since my Touchdown requires a password anyway, my work emails would come as usual. So, if you use the stock, you may want to refuse and use touchdown or you will be entering your password an awful lot!
 
Upvote 0
I hope this helps. Those of you using the stock email, and are on an exchange server, may want to consider using Touchdown. Granted my company operates with the highest security standards. After my update I received a notification that my company needed to install software that would require a password each time my screen went to sleep. Since I use Touchdown I refused it. I called a guy in ou tech dept. and he advised to refuse it as it was only for the stock email app. Since my Touchdown requires a password anyway, my work emails would come as usual. So, if you use the stock, you may want to refuse and use touchdown or you will be entering your password an awful lot!

It's not that the Email app tries to install software to require a password. The Email app is using the built-in capabilities of 2.2 to enforce use of the existing PIN or password capabilities. If you accept this behavior initially and want to change it later, you can always go to Settings...Location & security...Select device administrators and deselect the Email app.

After the update, my phone required this setting immediately, and I accepted it. Some of my coworkers are reporting that they were not required to use a PIN or password after manually updating to FRG22D, but I'm not sure what the difference is.
 
Upvote 0
Folks,

I realize this is an Exchange security setting and the 'as designed' behavior. It just took a while for the Droid's software to properly implement the setting. This thread was mostly a whine session for me (hey, I admit it) but also to see if there was an easy to way to disable it. I didn't expect their would be... but figured it couldn't hurt to ask.

It's not that the Email app tries to install software to require a password. The Email app is using the built-in capabilities of 2.2 to enforce use of the existing PIN or password capabilities. If you accept this behavior initially and want to change it later, you can always go to Settings...Location & security...Select device administrators and deselect the Email app

As I already indicated... following those instructions and removing the device administrator breaks my ability to use my Exchange email; I am given an error that the connection cannot be opened due to a security error. This is to be expected.

I contacted 1&1 (my Exchange host) and they indicated they could disable this security feature for my account(s) but I would have to go it over the phone with them. Hopefully their email response is accurate and I can in fact disable this. As I said, the setting makes perfect sense in a corporate environment... I'm just not in a corporate environment with no significant need to have this level of security policy.
 
Upvote 0
It's not that the Email app tries to install software to require a password. The Email app is using the built-in capabilities of 2.2 to enforce use of the existing PIN or password capabilities. If you accept this behavior initially and want to change it later, you can always go to Settings...Location & security...Select device administrators and deselect the Email app.

After the update, my phone required this setting immediately, and I accepted it. Some of my coworkers are reporting that they were not required to use a PIN or password after manually updating to FRG22D, but I'm not sure what the difference is.


Just to be clear. I can accept the settings, then go in and deselcet the email. This will block needing a password each time my screen goes to sleep?
 
Upvote 0
I tested this on my server in my house. I was getting the same prompt.

The Exchange Server has two places where you can change this. One is organization wide under "Organization, Client Access, Mobile Mailbox Policy" just remove the "require password". This affects everybody with that mobile policy applied to their Recipient Mailbox. The other more realistic change when you are using shared hosting with many other users is to remove that policy from the Recipient Mailbox which will affect only one person.
Exchange Client Access Mobile Mailbox Policy.jpg

Manage Mobile Device.jpg
 
  • Like
Reactions: scottfvt
Upvote 0
Just to be clear. I can accept the settings, then go in and deselcet the email. This will block needing a password each time my screen goes to sleep?

No. I apologize for being unclear. The Email app will always enforce the security policy, and it will be unable to retrieve messages if you deselect the Email app in the setting that I mentioned. As far as I know, there is no workaround if you are not rooted and you want to use the stock Email app. Touchdown apparently uses PINs at the app level (i.e. every time you look at your email), but does not enforce them at the device level.
 
Upvote 0
No. I apologize for being unclear. The Email app will always enforce the security policy, and it will be unable to retrieve messages if you deselect the Email app in the setting that I mentioned. As far as I know, there is no workaround if you are not rooted and you want to use the stock Email app. Touchdown apparently uses PINs at the app level (i.e. every time you look at your email), but does not enforce them at the device level.


Ok. Sorry. I use Touchdown, and it still works great. If I do what you said about deselecting the stock email, will I still have to enter a pin each time the screen goes to sleep?
 
Upvote 0
got 22D pushed today. And for a time my native outlook email worked. I would get a notification bar item that i needed to update security settings and i'd click it and it would go nowhere. But my email still worked fine.

but at some point i got a message that i had to install (or maybe enable?) the administrator for that account. I did so. Then pretty much all hell broke lose.

I set up a password (or pin) as required but at boot ups I still get the notification item that i need to update security settings. I can manually force a "refesh" from the email screen and it will get my email but push seems to be dead. Doesn't matter if the screen is on or off- I dont seem to get any emails at all unless i manually force a refresh. I double checked and push is still selected.

anyone else having any such problems?
 
Upvote 0
Ok. Sorry. I use Touchdown, and it still works great. If I do what you said about deselecting the stock email, will I still have to enter a pin each time the screen goes to sleep?

I own touchdown but stopped using it after the first 2.2 update when i could get my exchange calendar added to the native cal app. I already was using the native contacts sync to exchange and foregoing touchdown's contact syncing. THe mess with not getting 2 way sync to the device phonebook with touchdown contacts was annoying. Does the latest touchdown sync better to the native phonebook? Touchdown's mail handling just rocks. Wish the contact handling was as good (think it's an adroid OS issue unfortuneately...)
 
Upvote 0
got 22D pushed today. And for a time my native outlook email worked. I would get a notification bar item that i needed to update security settings and i'd click it and it would go nowhere. But my email still worked fine.

but at some point i got a message that i had to install (or maybe enable?) the administrator for that account. I did so. Then pretty much all hell broke lose.

I set up a password (or pin) as required but at boot ups I still get the notification item that i need to update security settings. I can manually force a "refesh" from the email screen and it will get my email but push seems to be dead. Doesn't matter if the screen is on or off- I dont seem to get any emails at all unless i manually force a refresh. I double checked and push is still selected.

anyone else having any such problems?


I *THINK* I figured out the issue.

When you go to set a pin or a password it will tell you you some of hte rules but clearly not all. To set a pin i get told to use 4 numbers at least. I tried to take the easy way out and do 1111 and that offends it. That's when I get the notification to change security settings- but it doesn't give a hint anywhere what to change. Push doesn't work but manual sync will under those conditions. When I made a more secure pin it works fine and push works with the screen on, off, locked, whatever.

Not sure what the beef was with the password I was trying- i used 5 letters and 4 numbers (the rules it told me were at least 4 digits with at least one letter and one number)- I assume it wanted a cap or a symbol tossed in and wasn't happy without one.
 
Upvote 0

BEST TECH IN 2023

We've been tracking upcoming products and ranking the best tech since 2007. Thanks for trusting our opinion: we get rewarded through affiliate links that earn us a commission and we invite you to learn more about us.

Smartphones