AirPlay security in Apple devices
AirPlay uses AES encryption to ensure that content is protected when mirroring or streaming from an an iPhone, iPad, or Mac to an Apple TV.
You can restrict AirPlay access to Apple TV by setting a one-time onscreen passcode to ensure that Apple devices are securely paired to Apple TV. You set the requirement by going to Settings > AirPlay > Security and turning on Require Device Verification. The Apple device must then authenticate on the initial AirPlay connection. Device verification is useful when Apple TV is deployed on an open Wi-Fi network.
After the initial AirPlay connection, subsequent connections don’t require a passcode unless onscreen code settings are enabled.
Note: Restoring an Apple TV or a previously paired Apple device to factory settings resets the initial connection condition.
Peer-to-peer AirPlay is always secured with the setting Require Device Authentication. This setting, which can’t be configured by the user, and it prevents any nearby unauthorized users from accessing an Apple TV.
The use of passcodes or onscreen codes is recommended for any Apple TV placed in a public environment. Using passcodes prevents unauthorized users from connecting, requires the user to be in the room (in view of the screen), and prevents another user from interrupting and taking over an AirPlay session.
You can use your MDM solution to restrict which AirPlay destinations are available to a supervised device and to prepopulate the passcode a device uses to connect to an Apple TV.