AirPlay security in Apple devices
AirPlay uses AES encryption to ensure that content is protected when mirroring or streaming from an iOS device or Mac to an Apple TV.
You can restrict AirPlay access to Apple TV by setting a one-time onscreen passcode or password to ensure that iOS devices and Mac computers are securely paired to Apple TV. You set the passcode using Require Device Verification. The iOS device or Mac must then authenticate on the initial AirPlay connection. Device verification is useful when Apple TV is deployed on an open Wi-Fi network.
After the initial AirPlay connection, subsequent connections don’t require a passcode unless onscreen code settings are enabled.
Note: Restoring an Apple TV or a previously paired Apple device to factory settings resets the initial connection condition.
Peer-to-peer AirPlay is always secured with the setting Require Device Authentication. This setting can’t be configured by the user, and it prevents any nearby unauthorized users from accessing an Apple TV.
The use of passcodes or onscreen codes is recommended for any Apple TV placed in a public environment. Using passcodes prevents unauthorized users from connecting, requires the user to be in the room (in view of the screen), and prevents another user from interrupting and taking over an AirPlay session.
You can use your MDM solution to restrict which AirPlay destinations are available to a supervised device, and prepopulate the passcode a device uses to connect to an Apple TV.