I was recently asked why Microsoft Windows required my client to set up a new "password" for their existing Microsoft Windows computer. Before we go further, let me explain the context.
- The computer is a couple of years old
- The client logs in to this computer using an attached Microsoft.com account
- Multiple people use the computer but not every day
Having just set up a new computer running Microsoft Windows for this client, I had the experience of needing to set up a PIN for the primary user, where in the past we would have just used the password. I was surprised by the requirement and was happy to see that at the login screen we can choose to enter a password instead of the PIN if desired.
The PIN requirement is actually Microsoft Windows working to change people over to a PIN for security reasons.
The PIN you set to log in to the computer is specific to logging in to computers only; it's not a new password. The idea Microsoft is working with here is that computer viruses can steal passwords from the sign-in window, so by giving you a computer-specific PIN for your account, a virus cannot steal the password on the account because no password was entered.