Hey, let’s discuss about Enforcing Password Prompt on Wake for Stronger Security Using Intune. This Windows policy makes the computer ask for a password when it wakes up. When the screen turns on after sleep, the computer will stay locked. Only the real user can open it. This keeps the device safe.
Before enabling this policy, the device wakes up and goes straight to the desktop. Anyone near the computer could access files, emails, or applications without needing a password. This creates a high security risk in offices, homes, or public places. Sensitive information becomes easy to see.
After enabling this policy, the device always shows the lock screen and asks for the password. Only the correct user can unlock it and continue working. This prevents quick, unauthorized access, even during short breaks. It strengthens overall device protection.
This policy is important because it protects your personal and work information. People often leave their laptop for a short time. The policy makes sure nobody can use it during that time. It adds simple, automatic security.
Table of Contents
What are the Advantages of Enabling this Policy using Intune?
Enabling this policy makes your Windows device more secure by locking it every time it wakes from sleep. It stops anyone from quickly accessing your files, apps, or emails when you are away. It adds simple, automatic protection without needing extra user action.
1. Prevents unauthorized access when the device wakes
2. Protects sensitive files and company data
3. Provides automatic security in offices and public areas
4. Reduces the risk of data leakage
5. Helps maintain consistent security across all managed devices
Enforcing Password Prompt on Wake for Stronger Security using Intune
when this policy is enabled, the computer will always ask for a password after it wakes up. This means no one can open the device just by pressing a key or moving the mouse. The lock screen will appear every time the device comes out of sleep. This example shows how the policy protects your data in everyday use.
- Enhancing Password Security by Blocking Proximity Requests using Intune Policy
- Enable Edge Password Safety Alerts for Users Policy in Microsoft Intune
- Best Way to Enforce Password History Policy using Intune
Create a Profile
You can start the policy creation in Intune. Using simple steps, you can easily complete the policy creation. Open the Intune admin center. Go to Devices > Configuration > Policies> + Create > + New policy.After that, you will get a profile window to select the platform and profile type.
| Steps | Details |
|---|---|
| Platform | Windows 10 and later |
| Profile Type | Settings Catalog |
Basic Step
The basic tab is starting step of policy creation. On this tab, you have to give a name for the policy that you want to create. The name field is mandatory. Without giving a name, you can’t create a policy on the basic tab. You can also describe the policy, which description is not compulsory. Click on the next button.
Configuration Settings
The configuration tab allows you to select specific policy settings to manage your organisation’s devices. On this page, we click on the + Add Settings hyperlink. Then you will get a settings picker that will show different types of categories to select specific settings. Here I go to Administrative \Templates\ System\power management\sleep settings and Require a password when a computer wakes(on battery).
Once you have selected Require a password when a computer wakes(on battery) settings and closed the Settings picker. You will see it on the Configuration page. Here we have only two settings: Allow or Block. By default, it will be set to Block. If you want to block these settings, click on the Next button.
Enable this Policy
If we enable this policy, you can enable the Require a password when a computer wakes(on battery) by toggling the switch. After reviewing or adding more settings, you can click the Next button to continue.
Scope Tag]
A Scope Tag in Intune is used to control visibility and access to Intune resources based on administrative roles. Scope tags are not mandatory. You can add the scope tag using the Select scope tags button. Click the Next button to proceed.
Assignments
On the Assignments tab, we can select which users or devices get this policy. Under Include Groups, click Add Groups. From the list, select the group that we want to target (e.g. HTMD – Test Policy). Then click the Next button.
Review + Create
At the final Review + Create step, we see a summary of all configured settings for the new profile; after reviewing the details and making any necessary changes by clicking Previous. We click Create to finish, and a notification confirms that the “Require a password when a computer wakes created successfully”.
Monitoring Status
We can check a policy’s status in the Intune Portal. Generally, it takes about 8 hours for policies to be created. Use the manual sync option to reduce the configuration delay in the Company Portal app on the device, then check the status again. Navigate to Devices> Configuration. Click on the specific policy .
How to Remove Assigned Group from this Policy
Sometimes, we need to remove a group from a policy assignment for security updates. Open the policy from the Configuration tab and click on the Edit button on the Assignment tab. Click on the Remove button on this section to remove the policy. Click Review + Save after making the change.
For detailed information, you can refer to our previous post – Learn How to Delete or Remove App Assignment from Intune using by Step-by-Step Guide.
How to Delete this Policy from Intune
To delete an Intune policy for security or operational reasons. It is simple to do. I will demonstrate how to delete an Intune policy through Require a password when a computer wakes. Click the three dots, then click the Delete option.
For detailed information, you can refer to our previous post – How to Delete Allow Clipboard History Policy in Intune Step by Step Guide.
Need Further Assistance or Have Technical Questions?
Join the LinkedIn Page and Telegram group to get the latest step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.
Author
Anoop C Nair has been Microsoft MVP from 2015 onwards for 10 consecutive years! He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is also a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.