Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MDM clear passcode command -> does it open unsupervised BYOD device enrolled phone to access personal data, etc?

P

pelibeni

macrumors newbie
Original poster
Jul 26, 2025
1
0
Hello,

does Apple allows MDM command to clear passcode (removing passcode and biometrics) from phone under MDM without needing supervision mode? https://developer.apple.com/documentation/devicemanagement/clear-passcode-command

So basically personal device enrolled BYOD iPhone content can be access (if in physical possession) by company IT admins?

I stumbled upon some post, where they mentioned after clearing passcode, they were able to see content of passwords, photos, etc.

I know that Apple offers also less intrusive BYOD enrolments (user enrolment), but not every company offers it.

And this is rather specific and not very probable situation to happen - if I have my personal device in my possession, I just have to make sure I won't give it to IT admins, if I ever forgot password, and just reset the phone and restore backup. Still don't know what to think about it.
 
I use Intune, and the doc for this
learn.microsoft.com

Reset device passcodes with Microsoft Intune

Remove or reset the passcode by using the remove passcode action on devices you manage or monitor with Intune.
learn.microsoft.com
agrees that this isn't possible with user enrolment, but otherwise is supported, indicating that on supported devices, admins could access your data - how this works with other devices passwords in particular, I'm unsure.
 
pelibeni said:
Hello,

does Apple allows MDM command to clear passcode (removing passcode and biometrics) from phone under MDM without needing supervision mode? https://developer.apple.com/documentation/devicemanagement/clear-passcode-command

So basically personal device enrolled BYOD iPhone content can be access (if in physical possession) by company IT admins?

I stumbled upon some post, where they mentioned after clearing passcode, they were able to see content of passwords, photos, etc.

I know that Apple offers also less intrusive BYOD enrolments (user enrolment), but not every company offers it.

And this is rather specific and not very probable situation to happen - if I have my personal device in my possession, I just have to make sure I won't give it to IT admins, if I ever forgot password, and just reset the phone and restore backup. Still don't know what to think about it.
Click to expand...
If you prefer to use a personal device for work, have one specifically for that purpose. Have it on a separate iCloud account and only use this device for work. This way none of your personal data could be leaked.

For so many reasons it’s always best to separate your work and personal life.
 
  • Like
Reactions: maerz001 and Mr_Brightside_@
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back