This sign-in method has long been a part of Windows Hello in the Windows operating system.

The default state of the PIN is for simple numerical characters between 4 and 127.

Lets assume that you have configured a 4-digit regular PIN on your Windows computer that only includes numbers.

Now imagine you added alphabets too, and special characters, and increased the minimum PIN length to 8.

Well, PINs are local to the machine.

Plus, a PIN is much easier to remember.

Navigate to the following:

Click PIN (Windows Hello).

You have now successfully configured the Windows PIN Sign-on.

Configuring a new PIN will now make the use of digits mandatory.

To disable this property, all you must do isDisableorNot Configurethe policy.

However, the range must be between 4 and 127, as permitted by Windows.

Expiration

By enabling theExpirationGroup Policy, the administrator can set a limit on a PIN to last.

The value can be set in the number of days from 0 to 730 (2 years).

By default, the value is 0, which means that the PIN never expires.

An expired PIN simply needs changing, ensuring that the PIN is changed frequently.

This makes your rig more secure in case a previous PIN combination was hacked/known.

Double-hit the Expiration Group Policy.

Meaning, a user cannot use their old PIN again as their new PIN.

The number of unusable past PINs can be configured from 1 to 50.

It would only make the PIN more secure by increasing its complexity level.

Here is a list of the special characters that are allowed: !

$ % & ( ) * + , .

/ : ; < = > ?

This will also increase the complexity of the PINs created.

Configuring PIN Recovery

Note that PIN recovery only works with devices registered with Azure Active Directory.

Here is how:

kick off the Group Policy editor by typing in gpedit.msc in the Run Command box.

0

Get weekly insights, tips and exclusive content delivered straight to your inbox.

Talk to us straight and get your questions answered right away

source: www.itechtics.com