I have added a password policy with the following requirements for an android device.
passwordLength >= 4
passwordLenth < 4
This is the expected behavior from android. Since the minimum length of the password is set to 4 , all the entries which are less than 4 characters are not a treat since it dose not register as a valid password entry.
But the entry contains more than 4 characters this is a considered as a valid password and process this can be a rick since user can different entries and try to crack the password.
So the company reset/ wipe data is triggers when a user enter 3 or more password entries which consider as valid candidates for the password.