Microsoft’s Windows 10 allows users the choice of logging in using a PIN rather than the traditional password offered in the past. The addition of a PIN login has perplexed more Windows users than any other operating system change I’ve dealt with in the past. “Why do we now have the option of logging in with a password, thumbprint, facial recognition and now a PIN?”
The simple answer is that a PIN is potentially more secure than a password. Even though Microsoft requires a minimum of four characters, using a four-character PIN is more secure overall than a password if logging in with a Microsoft account. PINs are only used to secure a single device, while a password secures the device and the Microsoft account.
Depending on how many Microsoft products someone uses, their Microsoft password could allow access to email, Skype, LinkedIn and potentially many more Microsoft services. PINs are independent of global Microsoft accounts and control access to the single device.
Today’s devices use a little chip called a Trusted Platform Module (TPM) that secures the device by storing the key in an encrypted format. Rather than embed the password into the software, TPM implementation allows much more secure password storage that can’t be easily bypassed.
Adopting PIN login as the primary security option allows the option of two-factor authentication (2FA). 2FA secures the device by requiring a combination of the following:
- A form of knowledge like a PIN
- Something in the possession of the account holder like a cell phone or USB stick
- A fingerprint or other biometric characteristic of the owner
Passwords allow Windows 10 users access to not only email and online accounts, but also the ability to wipe the machine and destroy data without the use of disks or third-party utilities. Administrative passwords grant higher-level privileges that only the owner and IT maintenance people should have access to. This opens the possibility of data destruction.
If you do wish to change to a PIN, I suggest not forgetting your passwords. Without passwords, performing any type of system maintenance is impossible without destructively rebuilding data and reinstalling the operating system. My bottom line is that a PIN should only be used if the computer is shared among multiple users. If not, don’t change a thing.
(Jeromy Patriquin is the President of Laptop & Computer Repair, Inc. You can read past articles at www.LocalComputerWiz.com.)