Microsoft has made an unprecedented change to the way Windows 10 security updates will be rolled out from May 2020, but that does not mean new version updates are a thing of the past. The new version of Windows 10 is expected to be rolled out in April 2020, or possibly in May 2020, with some changes to the security options that will surprise many users. Microsoft wants users to stop using passwords and start using PINs.
Yusuf Mehdi, Microsoft corporate vice-president, recently announced that more than one billion people are using Windows 10. Microsoft also announced that it was pausing all optional, cumulative, non-security updates to Windows 10 from May 2020; that has raised a few eyebrows, but nothing more.
Upping the surprise stakes, however, is the realization that the next incarnation of Windows 10, currently known to insiders as 20H1 or 2004, and which might well still reach ordinary users in April 2020, wants you to replace passwords with PINs.
The Windows 10 20H1 update will likely bring with it a whole bunch of feature tweaks impacting everything from Cortana to Bluetooth connectivity and improvements to Notepad. Where things will get more interesting are the changes that Microsoft is expected to make to Windows 10 security options. What has been noted about the Windows 10 20H1 build reveals that Microsoft is continuing with its move towards a passwordless future for all users.
How to Swap Passwords for PINs in Windows 10 Security Updates
According to reports on Forbes, Microsoft is pushing for passwordless sign-in to Microsoft accounts on devices. This will be optional, though, by way of Settings | Accounts | Sign-in options in the new Settings app that is slowly but surely replacing the old Control Panel.
There is going to be an option to “Make your device passwordless,” which Microsoft promises will improve Windows 10 security and provide a more seamless sign-in experience.
- “This will strengthen your device sign-in by switching all Microsoft accounts on your device to modern multifactor authentication with Windows Hello Face, Fingerprint, or PIN,” the Microsoft documentation states.
This new development could leave many users a little confused and wondering how a PIN can be more secure than a password. The key is understanding what the PIN protects here and how a PIN actually works in this context. People need to forget the idea that a 4-digit PIN has to be less secure than a 25-character password, as that is missing the point.
A point that Microsoft itself drives home in a 2017 posting:
“The PIN is tied to the specific device on which it was set up. That PIN is useless to anyone without that specific hardware.”
If someone compromises a user’s Microsoft account password, they can log into the Windows 10 computer from anywhere. If they compromise, guess or steal the PIN, they still need access to the machine itself.
The PIN itself is never transmitted to the server as it is local to the Windows 10 device, so it cannot be intercepted during transit or stolen from a compromised remote server. In other words, this move makes your Microsoft account more secure rather than making Windows 10 security more effective.
According to Ian Thornton-Trump, CISO at Cyjax, separating physical access authentication from network access authentication is a really good idea for the Windows 10 security update. He further adds that “users like PINs.”
Anything that can harden remote access while making physical access simpler is a good move for Windows 10 security, according to Thornton-Trump.
“This seems like a great way to reduce the remote attack surface,” he says, concluding, “We will need to see how the researchers go after the new feature, but I think this is a bold step in the right direction.”
How to Add a PIN for Windows 10 Security
If you did not set up a PIN for your device when installing Windows 10, here is how you can add one:
- Select Settings from the Start menu.
- Select Accounts in the Settings app.
- On the accounts page, select Sign-in options from the options on the left.
- Click Add below PIN.
- Verify your Microsoft account password and click OK.
- Now enter a PIN for the device and click Finish.
If you wish to change the PIN at a later time, you can go back to the accounts screen in the Settings app and click Change under PIN.
Culled from Forbes | Windows 10 Security: Change Your Password To A PIN, Says Microsoft