Cybersecurity advice traditionally says that passwords are better than PINs. After all, PINs are usually simple four-digit codes, while passwords can be long and complex. That said, Windows 10 is a mighty exception. In many ways, their “Hello PIN” is even more secure than a normal password. Let’s explore why.
With Windows 10, your Hello PIN is tied to the device itself. That means that your PIN is useless to an intruder unless they also have access to your computer as well. It’s also local, which means it remains entirely on-device. Your PIN, unlike a password, is never transmitted over a network that could potentially be compromised, eliminating a major security risk.
A Hello PIN also works with a specialized Trusted Platform Module (TPM) chip built directly into your device. This chip is designed to handle cryptographic functions with the utmost level of security. For example, if someone tries to brute-force your PIN, the chip is designed to lock-up after too many failed attempts.
You don’t need to make a simple, easy-to-guess four digital PIN, either. Your IT management can designate that PINs be complicated, and include numbers, upper and lowercase letters, and symbols. That presents your PIN with the opportunity to be as secure as a traditional password. That, combined with your TPM chip’s lockdown feature, doubles the security against a brute-force attack.