Configuring iPad's to not require passwords routinely
I have a small commercial building with about 6 iPads that were set up by a marginally competent vendor. They periodically require passcodes and Apple ID passwords and this has become a serious inconvenience.
The iPads are set up throughout the building and control things like lighting, access doors, and the security system. Individual applications have their own authentication procedure and everyone in the building is authorized to use the system. The Apple ID is owned by management and has a very secure password.
Here's the problem:
The iPads constantly prompt for the Apple ID password, which only management knows. This has resulted in someone from management having to go to every room in the building and enter the very secure (takes long to enter) on every iPad. And I've watched them do this -- it prompts for it over and over. First it asks for it for no particular reason. Then it asks for it to update software. Then it asks for it again for no particular reason. I should make a video of this, it's ridiculous.
This means application additions and updates have to wait for management to make rounds to every iPad and enter every password two or three times. The prompts for the Apple ID password also seem to appear randomly and are system modal -- you can't just ignore them or hit the home key, you must answer them.
There has to be a better way.
How can I deal with users trying to access emergency functions having to find the "Cancel" button on an Apple ID prompt that has appeared for no particular reason?
How can I allow users to install and update applications without having to go to a manager to get the Apple ID password?
Are we doing everything wrong? Is there some simple, sane way for a very small entity to manage a small number of iPads that solves these issues?
I’d say - superficially you’re doing it wrong. I’m sure there were good intentions to start, but a little professional management would go a long way in your situation. You'll need automation and someone to learn and/or explain how these iPads will be managed securely:
- There’s no fighting the inherent design of iOS to be tied closely to an AppleID.
- You need MDM supervision to lock these devices to your business in supervised mode.
- MDM allows easy purchasing and provisioning of iOS apps centrally and securely (no password required on the devices)
- Here is the documentation on forcing updates which means people don't need to enter the password.
- You don’t need to be so draconian on pass codes or local accounts now that you've decoupled management and automated setup / wiping.
MDM frees you to hand the devices to people that could break things by not being trained how to operate the iPad settings and updates. Don’t blame the vendor or the people, just make it free / inexpensive / reliable to get things back where they need to be. iOS devices can be managed, secured and ready to work like a refrigerator or espresso machine and not like a Mac or PC needing paid help desk and a lot of end user training.
If you’re budget constrained. I would dip your toes in with a free - hosted MDM like Jamf Now - You get three enrollments for free forever and can read up on how to assign devices and apps systematically.
- https://www.jamf.com/products/jamf-now/
The reason I recommended that one is they specialize in MDM for teams without dedicated IT support and have extremely helpful user support and paid support for customers.
Another option would be Ground Control - they have a more “image” focused, so if you wanted to treat these iPads like a cart of devices all set up the same, explore their offering:
- https://www.groundctl.com/
Once you’ve gotten one or two devices enrolled and played around a bit, you can decide if it’s time for you to manage the AppleID for this company using Apple Business Manager:
- https://business.apple.com/
There is a cost you need to invest in terms of time you’ll spend learning to manage this, so I would make an estimate how much opportunity cost you’re losing by managing things and learning and making mistakes vs paying a team that knows how to run things to come in for a fixed period / fixed cost and get you stabilized. That way you’re happy with paying so you can make money elsewhere (or control budget elsewhere) or that you’re happy having you/your staff learn how to manage IT whether it’s your job or a side assignment.