I'm curious about the recommended settings for Windows Hello for Business (WHfB), particularly around the complexity of PINs. How complex do you think they should be? I feel it's important to strike a balance—some level of complexity is necessary to prevent issues like shoulder surfing, but I also don't want to be overly cautious to the point where it affects usability. Is there a guideline I should follow, or am I worrying too much?
5 Answers
Honestly, don’t stress about it too much. A good minimum is 8 characters with a mix of uppercase, lowercase, and special characters. That should cover your bases without complicating things for users too much.
Remember, it's just a PIN, not a password for local access. But it's crucial to choose something that isn't too basic. We handle sensitive data here, so ensuring people don’t use super simple PINs is important!
Lol, yes, I know! Just making sure our settings keep security tight!
I think a 4-digit PIN is enough for most cases, but if you’re worried or dealing with sensitive info, maybe go for 6 digits. Going beyond that usually just leads to people writing it down, which defeats the whole purpose. Just keep it simple!
All hail the MoT!
A PIN should really stay under 6 digits. Consider setting up trusted devices as a secondary measure for extra security. That way, you can keep things straightforward for the users while still protecting sensitive data.
Awesome, thanks for the tip!
I’ve read that PINs are typically a backup for biometric logins. So, if you can implement biometric verification first, you might not need to overthink your PIN complexity at all.
The fuck?