tremon 4 hours ago
why must I use a low-security PIN in place of your pre-existing password? AFAIK, all characters that are allowed in a user password are also allowed in device PIN codes. Knowing Microsoft, I'm sure there are domain policies to alter/restrict this. And the idea behind it is sound: that PIN is tied only to a single device, meaning that even if someone watches you enter your device passcode (or uses a keylogger), they can't go to a different machine or online portal and re-use the captured credentials there.
saratogacx 43 minutes ago
When setting up the PIN you pick for it to be alphanumeric (there is an option for it) and it acts just like a password field with a silly name. The reason why it is tied to the device isn't to protect against over-the-shoulder watchers, it is that the resulting key that is stored in the system is unique from system to system so you can't lift the key from one machine and use it on another. Maybe not as useful for a PIN but does make it harder to use a stored key to replace a biometric key so a compromised key doesn't leave every system you've ever logged into vulnerable to a key-auth attack.
lowbloodsugar 2 hours ago
Because nobody would use the same PIN for different devices. This is a farcical argument.