As an extra line of defense for your corporate data and content, you can enforce a container passcode to secure the isolated business container on a Knox enabled device.
You can allow fingerprint unlocking on the Knox container so that the end user can open the Knox container with a single swipe to recognize their fingerprint. Users have to specify a PIN or password as a backup unlock method. You can enable multifactor authentication which requires a pattern, PIN, or passcode in addition to a fingerprint.
If fingerprint or multifactor is enabled, users create a passcode based on standard requirements such as minimum passcode length, passcode content, and other settings in the console.
Admins can clear or change the passcode from the VMware Workspace ONE UEM™ console without affecting the device passcode. See the Knox Management Overview.