- Basics
- About Knox
- Knox licenses
- Knox white paper
- Sign up for Samsung Knox
- Latest release notes
- General Knox FAQ
- General Knox KBAs
- Submit a support ticket
- User Acceptance Testing
- For IT admins
- Knox Admin Portal
- Knox Suite
- Knox Platform for Enterprise
- Introduction
- How-to videos
- Before you begin
- Get started with UEMs
- Introduction
- Blackberry UEM
- Citrix Endpoint Management
- FAMOC
- IBM MaaS360
- Microsoft Intune
- MobileIron Cloud
- MobileIron Core
- Samsung Knox Manage
- SOTI MobiControl
- VMware Workspace ONE UEM
- Knox Service Plugin
- Release notes
- Migrate to Android 11
- FAQs
- Troubleshoot
- KBAs
- Knox Mobile Enrollment
- Knox Configure
- Mobile
- Introduction
- Get started
- Features
- License management
- Release notes
- Troubleshoot
- Wearables
- Shared Device
- FAQ
- KBAs
- Mobile
- Knox Capture
- Welcome
- Overview
- How-to guides
- Manage licenses
- Scanning profiles
- Apps and activities
- Scan engine settings
- Keystroke output and data formatting
- Export configuration and deploy through EMM
- Set the camera scan trigger
- Connect a hardware scanner
- Configure the output path
- Check a configuration in test mode
- Use intent output
- Knox Capture AR
- Get started
- How-to videos
- Release notes
- FAQ
- KBAs
- Troubleshoot
- Knox Capture: Scandit Edition
- Introduction
- How it works
- IT admins: Get started
- Getting started with Knox Capture
- Step 1: Launch Knox Capture
- Step 2: Create a scanning profile
- Step 3: Select apps and activities
- Step 4: Configure the scanner
- Step 5: Set keystroke output rules
- Step 6: Test apps in your configuration
- Step 7: Share your configuration
- Step 8: Deploy Knox Capture in Managed mode
- End users: Get started
- Features
- Knox Asset Intelligence
- Knox Manage
- Introduction
- How-to videos
- Get started
- Video: Getting started with Knox Manage
- Integration with Managed Service Provider
- Access Knox Manage
- Configure basic environments
- Create user accounts
- Create groups
- Create organization
- Set up devices and profiles
- Create a new profile
- Assign profiles to groups and organizations
- Enroll devices
- Shared Android device quickstart
- Non-shared Android device enrollment quickstart
- Android Management API device enrollment quickstart
- Apple User Enrollment quickstart
- View device information
- Apply profiles to organizations
- Set up Knox Manage deployment with a Knox Suite license
- Manage Chromebooks
- Manage Android devices with the Android Management API
- Manage Shared iPads
- Configure
- Licenses
- Organization
- Users
- Sync user information
- Groups
- Devices
- Content
- Applications
- Profile
- Knox E-FOTA
- Certificates
- Advanced settings
- Monitor
- Kiosk devices
- Knox Remote Support
- Active Directory
- Microsoft Exchange
- Mobile Admin
- Appendix
- Release notes
- Features
- FAQ
- KBAs
- Knox E-FOTA
- Introduction
- How-to videos
- Get started
- Features
- EMM integration
- Appendix
- Release notes
- FAQ
- KBAs
- Troubleshoot
- Knox E-FOTA On-Premises
- Legacy Knox E-FOTA products
- Knox Guard
- Samsung Care+ for Business
- For Knox Partners
- Knox Deployment Program
- Knox MSP Program
Knox E-FOTA On-Premises 22.04 release notes
Updates to password hash algorithm
Previously, Knox E-FOTA On-Premises used the bcrypt password hash algorithm.
Starting with this release, passwords are now hashed with the PBKDF2 algorithm to offer more flexible password security measures for high-security enterprises.
Benefits of the PBKDF2 algorithm include:
- Longer salt length and key length — 128 bits or higher
- Higher key iteration count — 10,000 or higher
- Lightweight pseudorandom function (PRF) — HMAC-SHA256 or HMAC-SHA512
Password length configuration
To comply with enterprise security regulations, Samsung installation engineers can now set a minimum and maximum length for user passwords. By default, the minimum password length is set to 8 characters, and the maximum is set to 12. The minimum password length that an installation engineer can set is 8-20 characters. The maximum length can be 12-30 characters.
IMPORTANT — Existing user passwords are not affected by this change. However, when an old password is updated, the new password must conform to the current policy.
