I'm asking the question here as I am fearful to ask in the W10 group as I may not understand the answer :-)
I was persuaded by Microsoft to change to a PIN rather than a password to log in (supposedly more secure). In my User account I still have the option of PIN or password, which seems to me a less secure position. How do I remove the password and make login by PIN only? Does this require administrator rights?
for such questions. If you don't understand the answer you could always post it here. If you don't have administrator rights it would make me think that you might be using a work PC.
I don't follow the logic that a pin is more secure than a password. If each character of a pin has ten options and each character of a password has 26 or more, unless you are particularly foolish in selecting a password how do you arrive at your conclusion?
It's Microsoft's logic not mine. They say the 'PIN' is unique to the individual computer while the Password is stored online. They show the PIN method as 'recommended'.
Despite being called a PIN, if you tick a box you can use letters as well as numbers.
My concern is that having set up a PIN (as recommended by Microsoft) the former password still works, meaning there are two opportunities to gain access not just the one.
No. I have five accounts on my home PC. One is administrator. I also have user accounts for myself and others. I understood it was bad practice to run as an administrator all the time.
Me neither until yesterday when I discovered this is recommended by Microsoft.
However, you can more reasonably use a fiendishly long and complex password that you'd want to use as your daily login password. And use the PIN for everyday access on that one machine.
Might not be a good idea, but you also have the choice of using the same PIN for your Windows 10 PC and your Apple iOS or Android phone - despite the accounts having no relation to each other. Some might think it would make life easier but would be still secured with a complex password - which could (and should) be different for each account.
As far as I can see PIN is a misnomer. It looks as though the PIN can be as complex as a password. The difference seems to be local or central storage.
certainly don't want the old password to co-exist with the new PIN as this defeats the object.
each character of a pin has ten options and each character of a password has 26 or more, unless you are particularly foolish in selecting a password how do you arrive at your conclusion?
What Microsoft is doing here, and I make no comment on whether it makes sense, is to use a login with Microsoft for which the user ID may be an email address and the password not particularly secure, saving these login details, presumably encrypted, on the PC, and using a PIN to access these credentials. These credentials are used to log in to the system. Presumably when Internet access is available the Microsoft credentials are checked (and the user's activity logged to a greater or lesser extent!) with Microsoft's server. I also assume that the PIN alone is effectively sufficient when Internet access is absent, otherwise the computer would be unusable without an Internet connection. Most advantages of this system would seem to accrue to Microsoft rather than the user, but perhaps it occasionally insists on direct entry of the Microsoft password??
To answer the OP's question (now I come to think of it) Microsoft only allows this form of login to an administrative user. Even if the person concerned has administrative access via another user, they are not allowed to use the PIN method to log in to an ordinary user account. So the OP will be unable to do so.
On Wed, 1 Jan 2020 16:54:07 +0000, snipped-for-privacy@hayter.org (Roger Hayter) wrote: [snip]
No, I don't think that is correct at all. My 'user' account is definitely a standard user (I have checked). It gives me a choice of login method (PIN or password) and accepts a PIN in the form Xxxxnnnn. It also accepts the former password.
There was a guy who used the same number for his gym locker as the PIN of his bank card - which he kept in his locker. Someone saw him enter the number, unlocked his locker, and stole and used his card. The Guardian article that described this failed to observe how stupid this was.
Most of that only really holds if you are talking about MS accounts rather than local only PC accounts. It also assumes your machine has a TPM module - which is quite likely for a laptop, but not that common on desktop machines as yet.