MicrosoftMicrosoftDon't forget about this article: Why a PIN is better than a password (Windows 10) - Microsoft 365 Security | Microsoft Docs
A PIN is not your Password. A PIN requires the device to be in your possession in addition to knowing the simple/complex password. While you can make the PIN as complex as you would like do not forget about this key requirement.
As discussed in the past few posts, you can implement the idea of complex PINs and remove the simple PINs: Windows Hello for Business Frequently Asked Questions (FAQ) - Microsoft 365 Security | Microsoft Docs.
But again, do not confuse this PIN for a password and asking to compare this PIN to a blacklist. There is no need, as the PIN never leaves the workstation, it simply unlocks a private key to a certificate.
Also, at the end of the day, even having your PIN + device, the "unauthorized individual" still does not know your password. Report your missing device to your IT admins as soon as possible and it is no longer an entry point.
In addition, for those looking for something even stronger than just a PIN + device, Multi-Factor Unlock may be what you are looking for: Multi-factor Unlock - Microsoft 365 Security | Microsoft Docs. But, this does add additional complexity.
Hopefully this helps with any confusion.
