2Eki
Why does Windows Hello insist on setting a PIN when authenticating with fingerprints?
They say a chain is only as strong as its weakest link, so I wonder:
Using Windows locally (no Microsoft servers involved) I set a password for my account.
When wanting to use fingerprints for authentication (because it's more convenient), Windows Hello forces me to set a PIN, and that PIN is four digits at most (if I understood things correctly).
Now considering (password, PIN, fingerprint(s)), I think the PIN is the easiest thing to break (specifically if someone looks over your shoulder). Thus some questions:
- Why does Windows Hello require setting a PIN for the account when configuring fingerprints?
- Why is the PIN restricted to four digits?
I got the impression that the fingerprints are protected by the PIN somehow, but to unlock, the fingerprint alone is sufficient.