As a security “expert” by trade, Hello’s PIN garbage always frustrates me. Do you honestly think someone is going to put different PINs on different devices? I get the whole “don’t let the password leave the machine” but EVEN MICROSOFT solved that with Kerberos long ago. It’s a solution for a solved problem.
None of the “benefits” seemed to line up. The multifactor/biometric support is in theory good, at least, but the rest of the copy they give users is useless.
Use good, unique passphrases on a few things (your computer, your phone, and your password manager) and use randomly generated passwords for everything else.