Information
Sleep and screen saver modes are low power modes that reduce electrical consumption while the system is not in use.
Rationale:
Prompting for a password when waking from sleep or screen saver mode mitigates the threat of an unauthorized person gaining access to a system in the user's absence.
Impact:
Without a screen lock in place, anyone with physical access to the computer would be logged in and able to use the active user's session.
Solution
Graphical Method:
Perform the following steps to enable a password for unlock after a screen saver begins or after sleep:
Open System Preferences
Select Security & Privacy
Select General
Set Require password after or screensaver begins with a time of immediately or 5 seconds
Terminal Method:
Run the following command to require a password to unlock the computer after the screen saver engages or the computer sleeps:
$ /usr/bin/sudo /usr/sbin/sysadminctl -screenLock immediate -password <administrator password>
or
$ /usr/bin/sudo /usr/sbin/sysadminctl -screenLock 5 seconds -password <administrator password>
Profile Method:
Create or edit a configuration profile with the following information:
The PayloadType string is com.apple.screensaver
The key to include is askForPassword
The key must be set to <true/>
The key to also include is askForPasswordDelay
The key must be set to <integer><0,5></integer>