DevicePolicyManager.SetResetPasswordToken(ComponentName, Byte[]) Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Called by a profile or device owner to provision a token which can later be used to reset the
device lockscreen password (if called by device owner), or managed profile challenge (if
called by profile owner), via #resetPasswordWithToken
.
[Android.Runtime.Register("setResetPasswordToken", "(Landroid/content/ComponentName;[B)Z", "GetSetResetPasswordToken_Landroid_content_ComponentName_arrayBHandler", ApiSince=26)]
[Android.Runtime.RequiresPermission("android.permission.MANAGE_DEVICE_POLICY_RESET_PASSWORD")]
public virtual bool SetResetPasswordToken (Android.Content.ComponentName? admin, byte[]? token);
[<Android.Runtime.Register("setResetPasswordToken", "(Landroid/content/ComponentName;[B)Z", "GetSetResetPasswordToken_Landroid_content_ComponentName_arrayBHandler", ApiSince=26)>]
[<Android.Runtime.RequiresPermission("android.permission.MANAGE_DEVICE_POLICY_RESET_PASSWORD")>]
abstract member SetResetPasswordToken : Android.Content.ComponentName * byte[] -> bool
override this.SetResetPasswordToken : Android.Content.ComponentName * byte[] -> bool
Parameters
- admin
- ComponentName
Which DeviceAdminReceiver
this request is associated with. Null if the
caller is not a device admin.
- token
- Byte[]
a secure token a least 32-byte long, which must be generated by a cryptographically strong random number generator.
Returns
true if the operation is successful, false otherwise.
- Attributes
Remarks
Called by a profile or device owner to provision a token which can later be used to reset the device lockscreen password (if called by device owner), or managed profile challenge (if called by profile owner), via #resetPasswordWithToken
.
If the user currently has a lockscreen password, the provisioned token will not be immediately usable; it only becomes active after the user performs a confirm credential operation, which can be triggered by KeyguardManager#createConfirmDeviceCredentialIntent
. If the user has no lockscreen password, the token is activated immediately. In all cases, the active state of the current token can be checked by #isResetPasswordTokenActive
. For security reasons, un-activated tokens are only stored in memory and will be lost once the device reboots. In this case a new token needs to be provisioned again.
Once provisioned and activated, the token will remain effective even if the user changes or clears the lockscreen password.
<em>This token is highly sensitive and should be treated at the same level as user credentials. In particular, NEVER store this token on device in plaintext. Do not store the plaintext token in device-encrypted storage if it will be needed to reset password on file-based encryption devices before user unlocks. Consider carefully how any password token will be stored on your server and who will need access to them. Tokens may be the subject of legal access requests. </em>
On devices not supporting PackageManager#FEATURE_SECURE_LOCK_SCREEN
feature, the reset token is not set and this method returns false.
Portions of this page are modifications based on work created and shared by the Android Open Source Project and used according to terms described in the Creative Commons 2.5 Attribution License.