Learn more about the Lock Device command and its expected behavior
- How to Lock a Mac
- How to Lock an iPhone or iPad
- Command Behavior for macOS
- Command Behavior for iOS & iPadOS
Lock Device
The Lock Device command is available on macOS, iOS, and iPadOS. It does not require supervision.
A locked device cannot recieve an Erase Device MDM command. For more information on erasing a device, see our Erase a Device support article.
How to Lock a Mac
- Navigate to the Device Record.
- Open the Device Action Menu.
- Select Lock Device.
- Optionally, configure a Lock message (macOS 14 or higher).
- Click Lock device.
How to Lock an iPhone or iPad
- Navigate to the Device Record.
- Open the Device Action Menu.
- Select Lock Device.
- Optionally, configure a Lock message and Phone number to display on the locked device.
- Click Lock device.
Command Behavior for macOS
For macOS devices, the device will be locked with an EFI/Find My PIN code. Some conditionals, whose behavior is unique to the hardware and macOS version, are outlined below. Once the device receives the command, a 6-digit pin will automatically be generated and available on the device record.
Mac computers with Apple silicon running macOS 11.5 or earlier.
- Lock device PINs are not supported on Mac computers with Apple silicon before macOS 11.5.
- The device will restart to recoveryOS, where an admin must authenticate, and activation will be required.
Mac computers with Apple silicon running macOS 11.5 or later.
- The device will restart and be locked with a randomly generated PIN once the device receives the command.
Mac computers with Intel running any supported macOS version.
- The device will restart and be locked with a randomly generated PIN once the device receives the command.
Command Behavior for iOS & iPadOS
For iOS devices, once the command is received, the screen will automatically be locked, and you can optionally specify a lock message. The device will be locked with the existing passcode.