Microsoft recommends users set up a separate password for their device unless they are logging in using their Microsoft account. However, they leave the choice to users whether they wish to set the password or not. In the later versions of Windows, Windows introduced Windows Hello which is a device-specific feature to log on to the system using face recognition, fingerprint recognition, iris recognition, or a PIN. However, to use up this feature, we need to set up a password first.
While the PIN or biometric identification is a device supposed to be a device-specific function, it could be set on multiple devices if the organization’s policy allows it. Here’s an explanation of why a PIN is better than a password and its device-specific functionality. The PIN is not saved on any server and thus cannot be accessed outside the device, though as mentioned earlier, we could set up Windows Hello on multiple devices.
Your password was changed on a different device
If we are using Windows Hello for Business to configure the PIN or biometric identification of multiple devices, changing the account password on one device would not affect the PIN or biometric identification of other devices, since they use a key or certificate. However, if we are not using Windows Hello for Business, we would have to change the password on every associated device. In such a situation, we would get the following error:
Your password was changed on a different device. You must sign in to this device once with your new password, and then you can sign in with your PIN.
Understanding the problem
Let us suppose that we set up a PIN on our primary device and created a password (or used an existing one). Upon changing the password on the same device, the PIN would work as usual since it was set up on the system itself to recognize the change in the password. Now the password is server-specific, not device-specific, thus it changes on all the associated systems. The PIN on the other systems are linked to that password, however, they cannot recognize the change since for those systems the change was made on the server. In such a situation, the PIN login would fail on those systems.
Changing PIN (or biometric) on non-primary systems
For the sake of the discussion, we are assuming that the primary system was the one on which the PIN was changed initially.
- When you get the error, click OK and then on Sign-in options.
- Click on the Password option and then log in with the new password. Upon doing so, the system would save the new password that was already changed on the server. Simultaneously, the PIN would also recognize the changed password.
- You would be able to login with the PIN this time. The same is true for biometric identification.
I hope this helps you resolve the issue.
