Forum Discussion
Bitlocker PIN
- Sep 08, 2025
Hi,
I conclude after inspecting this that every company needs to decide what works best when it comes to PIN length and complexity. Microsoft provides flexible options and best practices that help balance security and user convenience.
That being said, this gives organizations the flexibility to customize their PIN policies to align with their unique security requirements and operational needs.
I’m reposting the link along with the planning guide for your reference:
You could use something like the NIST standards.
According to NIST, a minimum of 6 characters for the PIN, no complexity rules required, and the PIN can be digits only.
- Bogdan_Guinea, Aug 28, 2025, Iron Contributor
Thanks, the NIST recommendations are a little bit too old (2010), or I was checking the wrong official link.
But Microsoft has a strong recommendation regarding this:
The challenge with setting a minimum PIN length of 6 digits is that it allows for simple PINs, like those used for Windows Hello, which are not very secure. Conversely, increasing PIN complexity—for example, requiring alphanumeric characters—forces end users to remember multiple passwords, which can be inconvenient.
So, this requires further consideration. I will review the details and provide a formal statement later.
Good luck!
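The thread weighs a 6-digit minimum against alphanumeric (enhanced) startup PINs but never shows how to see which of those a given machine actually enforces. The following PowerShell is an added example written for this page, not code posted by either participant. It assumes the BitLocker policy is delivered through Group Policy or Intune into the standard policy key `HKLM:\SOFTWARE\Policies\Microsoft\FVE`, that the session is elevated (Get-BitLockerVolume requires it), and it uses 6 as the floor only because that is the NIST figure quoted above; change `$requiredMin` to whatever your own policy says.

```powershell
# Added example (not from the thread): audit the BitLocker startup PIN policy and the
# protectors actually present on the OS volume. Run in an elevated PowerShell session.
# Assumption: policy lands in HKLM:\SOFTWARE\Policies\Microsoft\FVE (Group Policy / Intune).
$fve = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'

function Get-FvePolicyValue {
    param([string]$Name)
    try { (Get-ItemProperty -Path $fve -Name $Name -ErrorAction Stop).$Name } catch { $null }
}

# "Configure minimum PIN length for startup" writes MinimumPIN (DWORD). Policy range is 4..20;
# when the setting is not configured, Windows applies a minimum of 6 digits.
$minPin = Get-FvePolicyValue 'MinimumPIN'
# "Allow enhanced PINs for startup" writes UseEnhancedPin (1 = letters and symbols allowed).
$enhancedPin = Get-FvePolicyValue 'UseEnhancedPin'

$requiredMin = 6   # floor quoted in the thread (NIST); adjust to your own policy

if ($null -eq $minPin) {
    Write-Warning "MinimumPIN is not set by policy; the Windows default minimum (6) applies."
} elseif ($minPin -lt $requiredMin) {
    Write-Warning "MinimumPIN is $minPin, below the required minimum of $requiredMin."
} else {
    Write-Host "MinimumPIN = $minPin (meets the $requiredMin floor)."
}

if ($enhancedPin -eq 1) {
    Write-Host "Enhanced PINs are allowed: users may set an alphanumeric pre-boot PIN."
} else {
    Write-Host "Enhanced PINs are not enabled: the startup PIN is digits only."
}

# A length policy only matters if a PIN is actually required at boot. A volume with a
# TPM-only protector unlocks without any user input, whatever MinimumPIN says.
$osVol = Get-BitLockerVolume -MountPoint $env:SystemDrive
$types = @($osVol.KeyProtector | ForEach-Object { $_.KeyProtectorType })
if ($types -contains 'TpmPin' -or $types -contains 'TpmPinStartupKey') {
    Write-Host "OS volume prompts for a pre-boot PIN (protectors: $($types -join ', '))."
} else {
    Write-Warning "OS volume has no TPM+PIN protector (protectors: $($types -join ', '))."
    # To add one interactively (the PIN must satisfy MinimumPIN / UseEnhancedPin):
    # Add-BitLockerKeyProtector -MountPoint $env:SystemDrive -TpmAndPinProtector -Pin (Read-Host -AsSecureString 'Startup PIN')
}
```

The last check is the one most often missed in this kind of discussion: a strict PIN length policy is a no-op on a fleet whose volumes were provisioned with TPM-only protectors, so audit the protector type alongside the policy value.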