Skip to main content

Search

Knowledge Center

Mobile Response (iOS): Managing Lock to Device

Purpose Statement

The device account locking feature allows administrators to restrict user accounts to a single mobile device, preventing unauthorized access from other devices. This functionality is particularly valuable for unit-specific devices such as tablets or phones assigned to apparatus, stations, or specific roles where account security and access control are critical for operational integrity.
 

Background Information

Device account locking provides enhanced security by binding user accounts to specific mobile devices. This feature is essential for departments using shared unit devices, apparatus-mounted tablets, or specialized equipment where multiple personnel might have physical access to the device but should not be able to access the account from their personal devices. Once enabled, the account can only be accessed from the designated locked device, preventing unauthorized logins from other mobile devices. This feature is commonly used for apparatus computers, station tablets, and supervisor devices.

💡

Tip:

 This functionality is especially useful for devices assigned to units or apparatus'

Required Permissions

  1. The permission of Admin-User Users will be needed in order to access the User Profile Area in the Admin Module:
    1. Read: Allows for the read only viewing of the Users and their profile
    2. Update: Allows for the viewing and editing of the Users and their profile
    3. Create: Allows for the creating, viewing and editing of the Users and their profile
    4. Delete: Allows for the creating, viewing, editing and deletion of the Users and their profile

Video

Step-by-Step Guide


Locking to Device:

  1. Ensure that the user account that you want to lock to a single device is not logged into any devices.
     
  2. From the First Due website, the administrator should go to the Users menu in the Admin Module

 

  • Select the edit Pencil in line with the User you want to enable the Lock to Device on.

     


     

  • Scroll to the bottom of the user edit screen, toggle Lock to Device on and select 

     

 

  1. The next mobile device that logs into the user account will be the only mobile device that the user account can be associated with.
     
  2. The identifier for the mobile device will populate below the Lock to device toggle.
     


 

Changing devices

  1. If the need arises to change devices that the user account is locked to, the administrator just needs to:
    1. Edit the user account
       
    2. Toggle Lock to device off to release the lock from the previous device
       
    3. Select 
       
    4. Edit the user account
       
    5. Toggle Lock to device on
       
    6. Select 
       
    7. Log in to the user account using the new device

Best Practices

Do's

  • Always ensure accounts are logged out of all devices before enabling device lock
  • Document which accounts are locked to which devices for inventory management
  • Test device lock functionality after initial setup to confirm proper operation
  • Maintain a record of device identifiers for troubleshooting purposes
  • Coordinate device lock changes with personnel who use the affected accounts
  • Use device locking for shared apparatus devices and station computers

Don'ts

  • Don't enable device lock while the account is actively logged into multiple devices
  • Don't forget to save changes after modifying device lock settings
  • Don't lose track of which device an account is locked to
  • Don't use device locking for personal user accounts that need multi-device access
  • Don't enable device lock without proper documentation and communication

Tips & Recommendations

  • Consider using device locking for all apparatus-mounted devices
  • Implement device locking as part of your cybersecurity protocol
  • Create a standard naming convention for device-locked accounts (e.g., "Engine1-Tablet")
  • Schedule regular reviews of device-locked accounts to ensure they're still needed
  • Train supervisors on the device lock change process for emergency situations
  • Document the device unlock process for equipment replacement scenarios

Troubleshooting & FAQs

Q: The device lock isn't working and users can still log in from other devices. What's wrong?
A: Ensure the account was completely logged out of all devices before enabling device lock. The lock only takes effect after the changes are saved and the account logs into the designated device.

Q: I need to change the locked device but can't remember the process. What should I do? 
A: Disable the device lock toggle, save, then re-enable it and save again. The account will lock to the next device that logs in.

Q: The device identifier isn't showing up after enabling device lock. Why? 
A: The device identifier only appears after the account successfully logs into a mobile device following the activation of device lock. Ensure the account logs in from the intended device.

Q: Can I see which device an account is locked to? 
A: Yes, the device identifier appears below the "Lock to Device" toggle in the user's profile when the lock is active.

Q: What happens if the locked device is damaged or lost? 
A: Follow the device change process: disable device lock, save, re-enable device lock, save, then log in from the replacement device.

Q: Can one device be locked to multiple accounts? 
A: Yes, multiple accounts can be locked to the same device, but each account can only be locked to one device at a time.

Q: Will device locking affect web browser access? 
A: Device locking typically applies to mobile app access. Web browser access may still be available depending on your organization's configuration.