Forum Discussion
Marco de Bock
Apr 29, 2018Copper Contributor
Default security settings for Office 365 for first account logon on new device
I am trying to figure out where to change the security settings on Office 365 when a user logs on to a new device for the first time. Story: I created a new Office 365 tenant, added some standard...
- Apr 29, 2018
Yup, they are connected. The PIN code requirement is enforced from the device, that's basically the "gesture" used for Windows Hello (or the fallback in this scenario). As this is considered very sensitive, it triggers the MFA challenge as well. You can disable it via GPOs (not recommended) or you can use an Intune policy that does not require Windows Hello (and thus the MFA challenge): https://docs.microsoft.com/en-us/intune-classic/deploy-use/control-microsoft-passport-settings-on-devices-with-microsoft-intune
VasilMichev
Apr 29, 2018MVP
Yup, they are connected. The PIN code requirement is enforced from the device, that's basically the "gesture" used for Windows Hello (or the fallback in this scenario). As this is considered very sensitive, it triggers the MFA challenge as well. You can disable it via GPOs (not recommended) or you can use an Intune policy that does not require Windows Hello (and thus the MFA challenge): https://docs.microsoft.com/en-us/intune-classic/deploy-use/control-microsoft-passport-settings-on-devices-with-microsoft-intune
Azim null
May 16, 2018Copper Contributor
Yes, but if we have it disabled via Intune, it still challenges to create a PIN. I have several customers who do not want to leverage a PIN and have Hello completely disabled and Windows STILL challenges us to create a pin on first login. This flies in the face of the intended config.
- Steve TinsleyJan 06, 2020Copper Contributor
- WgTech701Oct 06, 2020Copper Contributor
Did anyone get a resolution for this? Steve Tinsley