Forum Discussion
Default security settings for Office 365 for first account logon on new device
- Apr 29, 2018
Yup, they are connected. The PIN code requirement is enforced from the device, that's basically the "gesture" used for Windows Hello (or the fallback in this scenario). As this is considered very sensitive, it triggers the MFA challenge as well. You can disable it via GPOs (not recommended) or you can use an Intune policy that does not require Windows Hello (and thus the MFA challenge): https://docs.microsoft.com/en-us/intune-classic/deploy-use/control-microsoft-passport-settings-on-devices-with-microsoft-intune
Yup, they are connected. The PIN code requirement is enforced from the device, that's basically the "gesture" used for Windows Hello (or the fallback in this scenario). As this is considered very sensitive, it triggers the MFA challenge as well. You can disable it via GPOs (not recommended) or you can use an Intune policy that does not require Windows Hello (and thus the MFA challenge): https://docs.microsoft.com/en-us/intune-classic/deploy-use/control-microsoft-passport-settings-on-devices-with-microsoft-intune
Yes, but if we have it disabled via Intune, it still challenges to create a PIN. I have several customers who do not want to leverage a PIN and have Hello completely disabled and Windows STILL challenges us to create a pin on first login. This flies in the face of the intended config.
- Steve TinsleyJan 06, 2020Copper Contributor
- WgTech701Oct 06, 2020Copper Contributor
Did anyone get a resolution for this? Steve Tinsley