Forum Discussion
How to remotely force a PIN reset
I'm looking for a way to force specific users to change their PIN. Is there a way for an Admin to accomplish this remotely via Intune/AAD similar to forcing a user to change their password or to force a user to reregister their MFA?
https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset?tabs=intune#enable-the-microsoft-pin-reset-service-in-your-azure-ad-tenant
Thx
5 Replies
johnjjohn Assuming you are using Windows Hello for Business. I have not tested this, but I am fairly confident that you can go to Entra admin center > Users > All Users > [user you wish to reset pin for] > Authentication Methods and then simply delete the Windows Hello for Business entry connected to the affected device. In theory, this will require them to setup a new PIN next time they sign in to the device.
- You may have a look at:
https://learn.microsoft.com/en-us/mem/intune/protect/windows-hello- Thanks but there is no information in that article on how to remotely force a user to change their PIN.
- There is no direct policy to do it, I advise you to file a feedback on:
https://feedbackportal.microsoft.com/feedback/forum/ef1d6d38-fd1b-ec11-b6e7-0022481f8472
However, you may set PIN expire date to 1, so next day it will be expired and ask user to enter a new PIN.
