Unique DEP local admin password (per device)
It would be great if the password of the local administrator account created during the DEP enrolment was unique to that device.
The password could be shown in the device information together with the EFI password and FileVault recovery key.
Sebastian Norling commented
Indeed very needed. An attacker knowing one password to get root access to all employee devices... *shivering*
Daniel Hahn commented
This would be a great feature! We currently have a local admin account for each device, which we could create during DEP. But with a single password, if we ever need to change it for any reason, we'd have to touch ALL machines.
The current alternative is that our admin sets up all user accounts and passwords manually, but of course it'd be way cooler to have zero-touch deployments.