Device Lock without Passcode

Frequent Contributor

Hi All


We have a client who wishes to have the Windows Hello for Business / Device Passcode / PIN feature turned OFF and just use their AD credentials on the device.


Is it possible to still have the device lock after a period of inactivity?


Info greatly appreciated.



5 Replies

Hi Stuart


what you are looking for is available in the Device Restriction Policy in Intune:






Hi Buddy


When the Password (which we don't want) Device Restriction setting is set to Not Configured, the Maximum minutes of inactivity until screen locks setting is greyed out!





you wrote ...and just use their AD credentials on the device. So I thought you don't want WHfB but AD Creds are used to logon :-). In that case you could enforce Password and the inactivity timeout...


What are you trying to achieve exactly? No WHfB and AAD Creds without Password?




Hi There


Yep, sounds silly, I know but that's what they want:


  • No WHfB
  • No PIN / Passcode on the device
  • User signs in with current AD creds (synced to Azure AD)


Sorry for asking again. You write user signs in with current AD creds (synced to AAD). This is normal business username/password and no WHfB which means no Pin/Passcode/Bio, therefore you can enforce the password policy imho?! AD creds are username and password.
Maybe I‘m totally not getting the point but I think you are doing the normal way of logon which allows this policy.
Sorry if I start the discussion again.

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
50 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
32 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
15 Replies
Dev channel update to 80.0.355.1 is live
josh_bodner in Discussions on
67 Replies