Event banner
Event details
I have an Entra joined machine, managed by Intune and enrolled in WHfB. On any given day when I power on my machine, there’s a 50/50 chance that I’m met with the password prompt to sign in, rather than be prompted to authenticate with one of my WHfB methods. I can easily switch to sign in with my PIN and complete the sign-in process, but once I’m logged in and working, and my machine goes idle and locks, again there’s about a 50/50 chance that I’m once again presented with the password prompt to unlock my machine instead of the PIN prompt that I originally logged into Windows with. I would imagine this is not the desired scenario, but it makes "forgetting my password" difficult if I'm constantly tempted to authenticate with my password instead of WHfB. Could there be a setting, configuration, or scenario I could be missing somewhere?
- Mike-Danoski
Microsoft
I can't think of a setting that might impact this behavior. If I were you, I would potentially try to set a new pin and open a support case if the behavior continues.- After running through some scenarios and deep Googling, I determined that the credential provider our VPN client added to Windows was interfering with the ability for the OS to prompt for PIN and was causing the persistent password prompt. I actually added a comment to the linked Spiceworks post below. Once I deployed a configuration profile to hide the credential provider, PIN sign-in was restored and working exactly as designed. Obviously, I do not expect Microsoft to test WHfB on operating systems with non-Microsoft credential providers registered, but what are the chances that we can get some sort of note/warning in the documentation that the presence of a third party credential provider may interfere with the ability for WHfB to work properly?
- Thanks, I'll give that a shot. FWIW, I'm seeing this reported in at least one more place: https://community.spiceworks.com/t/my-laptop-still-prompts-for-password-to-sign-in-on-occasion-instead-of-pin/965368/3
