It can be as secure â perhaps even more secure â because itâs used in a different way.
You can also choose to increase its security by using some of the same techniques we use for passwords in general.
Become a Patron of Ask Leo! and go ad-free!
The big difference: scope
The biggest difference between using a PIN and a password to sign in is that the PIN only works on the machine on which you set it up.
If someone knows your PIN, theyâll have access to your machine, but only if they also have the machine in their possession. If they can do that, your machine isnât physically secure. With or without your PIN, anyone who has physical access to your machine can use any number of techniques to get at its contents.
There are at least two instances in which having an âeasyâ or even automatic sign-in puts you at additional risk:
- if you have saved logins or passwords in your browser â anyone can walk up to your machine and access those sites or credentials
- if you use Bitlocker to encrypt your data; logging allows access to that data
In those cases, the ability to log in â using that âeasy to rememberâ PIN â could allow access, but it still requires physical access to the machine.
A PIN can be more secure
Many people fear a type of malware known as a keylogger.
When installed, keyloggers secretly record your keystrokes and send the recording to hackers. Log in to a website, for example, and the keystroke logger records both your username and password. Only something like multi-factor authentication can save you.
If you use a PIN to sign in to your machine, however, they can record anything they like and it wonât get them anywhere. The PIN only works on your actual machine, which some remote hacker doesnât have access to. Even if you use a Microsoft account to sign in to your machine, that PIN is useless everywhere else.
Thereâs an argument that using a PIN is actually more secure, since you never actually type your Microsoft account password into your machine. Keyloggers canât log what you never enter.
Strength: treat it like a password
If a PIN still makes you uncomfortable, consider treating it like a password.
There are two ways.
The first is to make it longer. Thereâs nothing that says you have to use your 4-digit ATM PIN as your Windows sign-in PIN. Use something longer â much longer, if you like. Just as adding a character to your regular password makes it exponentially stronger, the same applies to your PIN. Just add digits.
Speaking of passwords, the second is to include letters and symbols in your PIN.
A PIN with letters and symbols is nothing more than a password. This, then, would act as a alternative password used to sign in only to this specific machine.
Local accounts: PINs are convenient
Using a PIN is, I believe, intended as a way to make signing in to your Microsoft account more convenient, and, as weâve seen, perhaps even a little more secure (by not having to type in your actual account password). If you can log in with a PIN, youâre free to make your actual Microsoft account password long and complex â especially if itâs filled in elsewhere by your password vault â strengthening the security of things like your Outlook.com email, OneDrive online storage and more.
The downside, of course, is that signing in with a local account doesnât get you any of the benefits of signing in with a Microsoft account, like synchronized settings across machines, integration with the Microsoft Store, and several Microsoft apps and applications. Nonetheless, itâs a choice some people make for a variety of reasons.
And, yes, you can sign in to a local account using a PIN as well, though the benefit is primarily convenience.
Do this
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!
4 digit pins are quite easy to sniff out as there really are not very many combinations of 4 numbers, however passwords are better because there are 26 letters in the alphabet plus a choice of capitals and symbols too. It would take a hacker much longer to sniff these out.
Did you read the article? Hackerâs donât have the same level of access for a PIN as they do for a traditional password. And the article directly addresses the steps you can take to make a PIN more secure.
My biggest problem with the W10 pin is that there is no locking upon multiple failed attempts and it opens immediately when the correct pin is entered. For example, if you have the very uncommon and highly secure pin â1234â, someone can sit at the computer and keep trying. So if they tried the even more secure and slightly less common â123456â, they would get in after the 4th digit was entered. So, Leo, you are correct that to make it more secure, add more digits and donât use something easy to guess.
Believe it or not, 123456 is more common than 1234 (as of Jan 2015 anyway) âŚ
http://gizmodo.com/the-25-most-popular-passwords-of-2014-were-all-doomed-1680596951
âŚalthough, I have to admit, I find it hard to believe that âmustangâ beat out all of the available curse words and body parts.
But itâs not safer than 123456 because of poor design on the part of Microsoft, once youâve entered the first four digits, 1234 Windows will log you in immediately before you have a chance to add the last two digits. I canât believe the designers at Microsoft could be so stupid. Type in a bunch of numbers and count them as you type Windows will tell you how many characters are in the PIN.
âMy biggest problem with the W10 pin is that there is no locking upon multiple failed attempts and it opens immediately when the correct pin is entered.â â This can be configured using Group Policy in the Pro, Enterprise and Educations editions, but not in the Home edition. I donât see the omission as being particularly problematic.
As an aside on a separate technical matter, and taking absolutely nothing away from the arguments, but purely to correct the use of a specific word, adding an extra digit to a PIN does not make it âexponentiallyâ safer. It makes it 10 times safer, and adding a second extra digit makes that now safer 5-digit PIN 10 times safer yet. An exponentially safer PIN would get safer at an even faster rate.
Actually adding 1 digit makes it 10 times safer. 2 digits makes it 100 times (10^2) safer. 3 digits makes it 1000 (10^3) times safer. Maybe I should have said âgeometricallyâ (I donât think so) but itâs important that it not be thought of as linear. :-)
Iâve been computing for a decade, but this left me puzzled. Iâm not alone in this I see. How does a PIN, (regardless of length), secure my local computer if I donât enter it with keystrokes?
Please re-visit this Leo and speak to those of us who need it on a bit more pedestrian level. Sorry about the density but If I donât get it I usually have company.
Thanks
Yeah, this seems somewhat nonsensical to me. If a keylogger is present on your system, it can log both the PIN and any passwords that you subsequently enter, including your Microsoft password (if you enter it). Leoâs contention would seem to be that you probably will not enter your Microsoft Account password after logging in with your PIN, so it will not be captured. While that may be true, any other passwords â banking, email, etc. â that you enter will be captured, and those passwords are likely more important than the one protecting your Microsoft Account.
All in all, I think keyloggers are pretty irrelevant to this discussion.
I donât understand your question. You do enter it with keystrokes.
âThe single biggest difference between using a PIN and a Microsoft account password to sign in to your machine is that the PIN only works on the specific machine for which you set it up.â â Iâm somewhat puzzled. Howâs a PIN tied to a device on a non-TPM enabled system?
You donât need a TPM (chip) to generate or store a hardware signature. This has been done since Windows XP by storing the hardware signature (key) on the hard drive.
Indeed â which is basically how Windows Activation works. Anyway, I actually discovered the answer to my question:
âWhen the user has completed this process, Microsoft Passport generates a new publicâprivate key pair on the device. The TPM generates and stores this private key; if the device doesnât have a TPM, the private key is encrypted and stored in software.â
https://technet.microsoft.com/itpro/windows/keep-secure/microsoft-passport-guide
And that, of course, means the the process is less secure than on TPM-enabled systems.
⌠On the other hand, any new Windows 10 machine would be a TPM machine.
TPM may be required, but even so ⌠I must be missing the point of your question. Itâs local data, nothing more.
Hi Leo, I just wanted to add a comment about using your pin for sign in. You said you would lose synchronization across machines, but that didnât happen with mine. I use a laptop and pin at work, and a desktop and password at home. I changed the desktop wallpaper on my home computer and the next day when I went to work, it was on the laptop when I fired it up. Kind of confused and surprised me since I really didnât want it there.
Leo, you did a valiantly great job explaining why MS decided to use a pin. But, Iâll present a perhaps cynical alternative rationale. This is the type of goof that happens all too often in software, or for that matter in technical designs: Someone comes up with what they think is a great idea, usually trying to âfixâ what ainât broken. Then they discover that there is a hole (i.e. problem) with the design, so instead of undoing the problem, they tack on a patch to problem and somehow rationalize it. MS wanted to tie in the MS account to all computer log-ins for their marketing, so in Windows 10 they said you must use your MS account rather than a machine password. Then they discovered that this scheme wasnât so secure â specifically, not secure for MS. So they invented the pin concept to protect MS accounts from being hacked, but not lose the association between a computer and the MS account. If machine login security was a real concern, then they could have just as easily tied in your machine password to the hardware signature.
Whatâs curious is that the pin doesnât have to be all numbers. It can be configured to use letters and special characters. In other words, the same concept as the good old machine password, but now itâs tied to your hardware signature and indirectly to you MS account.
Of course, as Leo already said, if someone has physical access to your machine, none of this matters anyway.
I originally set up the machines in my house with MS account logins and a Home Group. We found that the logins were a nuisance because we use long passwords that arenât easy to type. So we switched to PINs and the Home Group quit working.
Has anybody else had this problem?
Now you can use letters and special characters in your PIN. By definition, itâs no longer a PIN, Personal Identification Number, itâs a PIP Personal Identification Password or Passphrase. ;-)
You can count on Microsoft for ridiculous naming conventions.