For non-destructive PIN reset, you must deploy the Microsoft PIN reset service and client policy to enable the PIN recovery feature. During a destructive PIN reset, the user's existing PIN and underlying credentials, including any keys or certificates added to their Windows Hello container, will be deleted from the client and a new logon key and PIN are provisioned. Destructive PIN reset is the default and doesn't require configuration. There are two forms of PIN reset called destructive and non-destructive. For non-destructive PIN reset, you must deploy the Microsoft PIN Reset Service and configure your clients' policy to enable the PIN Recovery feature. Non-destructive PIN reset: with this option, the user's Windows Hello for Business container and keys are preserved, but the user's PIN that they use to authorize key usage is changed.Destructive PIN reset is the default option, and doesn't require configuration. Destructive PIN reset: with this option, the user's existing PIN and underlying credentials, including any keys or certificates added to their Windows Hello container, are deleted from the client and a new login key and PIN are provisioned.Users are required to authenticate and complete multi-factor authentication to reset their PIN. Windows Hello for Business provides the capability for users to reset forgotten PINs using the I forgot my PIN link from the Sign-in options page in Settings or from the Windows lock screen.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |