Reset Users Device Pin - Windows Hello for Business

John Hummer 11 Reputation points
2022-09-16T20:38:23.973+00:00

I am having difficulty with something that I think should be easy. Here is the scenario: I want to reset the Windows Hello for Business Pin for a users account on an Azure AD joined laptop running the newest version of windows 10.

Windows Hello for Business is turned on globally for our tenant, in which everyone has Business Premium licenses.

The two Pin recovery apps have been added to our Enterprise Apps.

Is there not a way to reset it without also resetting the users Azure AD password? I was thinking that's what "reset passcode" did in Azure device management, but I for the life of me can't get it to get it not greyed out.

Does anyone have some insight they'd be willing to share?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,452 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Dillon Silzer 57,316 Reputation points
    2022-09-17T18:53:28.693+00:00

    Hi @John Hummer

    It looks like you have the first steps completed (such as adding the Enterprise apps). Try Enable PIN Recovery on your devices

    https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset?tabs=gpo#enable-pin-recovery-on-your-devices

    242166-image.png

    (You can do this with a GPO or using Intune as suggested in the documentation above).

    -----------------------------------

    If this is helpful please accept answer.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.