Apple Activation Lock is an in-built security feature that keeps iPhones, iPads, and macOS devices secure from unauthorized access. Users need to enter their Apple ID and password every time they try to reset or activate a device. This binds the device to its owner’s iCloud account.
The iCloud Lock or Factory Reset Protection (FRP) is part of the Find My iPhone app and runs on devices running iOS 7 or later. Activation lock is crucial for protecting sensitive data if a device is lost or stolen and improving the chances of recovery.
This blog will explain the concept of activation lock and activation lock bypass and will help you understand how to enable and bypass activation lock on iOS and macOS devices with Scalefusion MDM.
How is Activation Lock enabled on iOS and macOS devices?
Activation lock is automatically enabled when users activate the Find My feature on their Apple devices. On iOS devices, such as iPhones and iPads, activation lock can be enabled when the user turns on Find My iPhone in the settings app under the Apple ID section. This ensures the device is linked to the user’s Apple ID, making it secure and requiring the owner’s credentials for any future reset or reactivation.
For macOS devices, such as MacBooks and iMacs, the activation lock is enabled when Find My Mac is activated through the system preferences. By doing so, the Mac is similarly tied to the user’s Apple ID, protecting it from unauthenticated access. This security feature is particularly crucial in preventing device misuse if it is ever lost or stolen, as only the iPhone owner’s Apple ID and password can be used to erase or reactivate the device.
Types of Activation Lock
Activation lock is categorized into two types based on its enabling:
1. Organization Linked (MDM) Activation Lock
Organization-enabled activation lock is a secure method of managing activation lock on iOS devices through an MDM solution. MDM can contact the Apple server to apply the activation lock directly.
The device applies Activation Lock using Apple Business Manager (ABM) or Apple School Manager (ASM) admin credentials. If an MDM solution fails to clear the lock remotely, administrators can manually unlock it by entering their credentials on the device’s Activation Lock screen.
Organization-enabled activation lock ensures devices can be efficiently repurposed or reassigned within the organization, maintaining data security and operational flexibility. It is currently available exclusively for iOS devices enrolled through Automated Device Enrollment (ADE).
2. User-Linked Activation Lock
The user-linked activation lock allows users to enable it using their iCloud credentials. Since all supervised devices have the activation lock turned off by default, an MDM solution can allow users to turn it on. This is available for supervised iOS and macOS devices.
What is an Activation Lock Bypass?
Activation lock bypass removes the activation lock from Apple devices using a bypass code. This eliminates the need for the original owner’s Apple ID and password to clear the lock. Bypass codes offer a fall-back mechanism. IT administrators can clear the activation lock and reset and activate devices, ensuring they remain usable and secure for the new user.
Activation lock bypass is particularly useful in organizational settings where devices must be repurposed or reassigned after an employee leaves or joins the organization. This helps maintain the operational use of corporate devices while upholding device security, as it allows for the reactivation and reuse of devices without compromising their protection against unauthorized access.
What is the Need to Bypass the Activation Lock?
While Activation Lock is beneficial for securing personal devices, it presents challenges for corporate devices. Many organizations issue mobile devices to employees, each linked to the employee’s account. When an employee leaves and returns the device, the IT admin encounters a prompt for the previous employee’s credentials during a reset.
The device becomes unusable if those credentials are unavailable. Turning off the Activation Lock on corporate devices is not ideal, as it leaves them vulnerable to misuse if lost or stolen. Therefore, bypassing Activation Lock on MacBooks and iOS devices using a bypass code is necessary to maintain device security while ensuring they can be efficiently reassigned within the organization.
Types of Activation Lock Bypass Codes
Based on the activation lock applied, there are two types of bypass codes:
1. MDM-Generated Bypass Code
This type of code is generated by a mobile device management solution at the time of device enrollment. IT administrators can remotely clear the activation lock on devices managed through the MDM software. This is especially useful for organizations that use an MDM solution to manage their iOS and macOS devices, ensuring devices can be easily reused.
2. Device-Generated Bypass Code
This code is generated by the device when the activation lock is user-linked. Device-generated bypass codes are available for 15 days or until an MDM solution clears it. These codes are generated while setting up the device for the first time.
How To Bypass Activation Lock with Scalefusion MDM?
When user credentials linked to the Activation Lock are unavailable, IT administrators can retrieve the bypass code from the Scalefusion MDM dashboard to manually bypass the Activation Lock. Follow the below steps to bypass the Activation Lock:
On Scalefusion Dashboard
Step 1: Log in to the Scalefusion dashboard.
Step 2: Go to the Devices tab and select the iOS device for which you want to bypass the activation lock.
Step 3: In the device details dialog, click the Settings icon in the top right corner and select the Full Device Information tab.
Step 4: In the Full Device Information dialog, navigate to the Device Info section.
Step 5: Click on Bypass Code to view both the device-generated and MDM-generated bypass codes.
On Device
Step 1. On the Activation Lock screen, leave the username field empty and enter the MDM-generated bypass code in the password field. This will bypass the activation lock.
Note: Ensure the iOS device you want to bypass is enrolled in the Scalefusion dashboard through Apple Configurator or Apple Business Manager. Enrolling devices using any of the aforementioned methods will remove the Activation Lock and the user will not be able to enable it. |
Get Scalefusion for Activation Lock Bypass
Scalefusion MDM enables your organization to benefit from the activation lock’s theft-deterrent features while bypassing the lock on company-owned devices without requiring the former employee’s Apple ID credentials. With Scalefusion, you can enhance the operational efficiency of iOS and macOS devices and maintain comprehensive control over your Apple devices.
Contact our experts to book a free demo or opt for a 14-day free trial today to see activation lock bypass in action.