Microsoft releases forced update that breaks windows hello pin sign in
11 views
Skip to first unread message
ad...@reviews.wox.org
Jun 22, 2025, 8:28:26 PMJun 22
to 2600-au...@googlegroups.com
In another case of complete stupidity, that someone really
should be taking Microsoft to court over -
They released a "security update" this month that enabled
password expiry on machines that only support the windows
hello pin number sign in, which itself was a previous
update that disabled the ability for users to sign in with a
password at all after being tricked into enabling windows
hello to begin with if they were silly enough to sign in
with a Microsoft account (which is a significant number of
users since new pcs trick you into using one, and old pcs
will nag you monthly to sign up - anti trust much?)
Implications: Depending when they get this forced
"security" update, about a month and a half later, users who
have likely been signing in with pin number or facial
recognition or biometrics for months if not years, and
probably are unaware they even HAVE a password anymore will
wake up with a screen popping up demanding they change their
password. In almost all cases the user has likely
forgotten then even HAD a password and will sit there keying
in their pin number pointlessly only to be told the password
is wrong.
It will then helpfully suggest using a password reset disk,
or you answer security questions, except it seems the
security questions are broken as well, since in many cases
Microsoft accounts were created before they were needed, yet
it will still ask a generic set, even tho no correct answer
exists, and literally nobody ever makes a password reset
disk, or is even aware they can make one, nor have any idea
where they would even need to go to make one to begin with
as it is a little known and hardly used feature.
--
New and improved 2600... well.. ..we drew on some flames and polished it a bit..
--
Google - making sure, life is no more, than 1984...
--
In politics - Later never happens.
should be taking Microsoft to court over -
They released a "security update" this month that enabled
password expiry on machines that only support the windows
hello pin number sign in, which itself was a previous
update that disabled the ability for users to sign in with a
password at all after being tricked into enabling windows
hello to begin with if they were silly enough to sign in
with a Microsoft account (which is a significant number of
users since new pcs trick you into using one, and old pcs
will nag you monthly to sign up - anti trust much?)
Implications: Depending when they get this forced
"security" update, about a month and a half later, users who
have likely been signing in with pin number or facial
recognition or biometrics for months if not years, and
probably are unaware they even HAVE a password anymore will
wake up with a screen popping up demanding they change their
password. In almost all cases the user has likely
forgotten then even HAD a password and will sit there keying
in their pin number pointlessly only to be told the password
is wrong.
It will then helpfully suggest using a password reset disk,
or you answer security questions, except it seems the
security questions are broken as well, since in many cases
Microsoft accounts were created before they were needed, yet
it will still ask a generic set, even tho no correct answer
exists, and literally nobody ever makes a password reset
disk, or is even aware they can make one, nor have any idea
where they would even need to go to make one to begin with
as it is a little known and hardly used feature.
--
New and improved 2600... well.. ..we drew on some flames and polished it a bit..
--
Google - making sure, life is no more, than 1984...
--
In politics - Later never happens.
ad...@reviews.wox.org
Jun 22, 2025, 10:20:37 PMJun 22
to 2600-au...@googlegroups.com
Followup:
I got a hold of one of the machines it was happening to, had
a local account I could use instead.
Windows hello no longer worked at all. Curiously it had the
wrong year set in the date/time. May be related.
Anyway if you run the following in powershell seems to be
the only way to minimise/avoid the issue -
Set-LocalUser -Name "USERNAME" -PasswordNeverExpires $true
Replace USERNAME with the user account name text.
You can confirm beforehand how they are written before hand
with the powershell/cmd command:
net user
In theory the above should work both windows home and pro,
if you have pro edition poledit may allow the same thing,
but if you are using a microsoft account I doubt you can
just untick password expiry in advanced user editor on those.
Microsoft should add a tick box to the screen where you can
set location or advertising ID that reads "are you an
elderly person or person of limited technical skill" which
stops anything in the windows look and feel ever changing,
and doesn’t force people to use online account nonsense!
Would make everyone’s lives easier if it actually worked too!
I got a hold of one of the machines it was happening to, had
a local account I could use instead.
Windows hello no longer worked at all. Curiously it had the
wrong year set in the date/time. May be related.
Anyway if you run the following in powershell seems to be
the only way to minimise/avoid the issue -
Set-LocalUser -Name "USERNAME" -PasswordNeverExpires $true
Replace USERNAME with the user account name text.
You can confirm beforehand how they are written before hand
with the powershell/cmd command:
net user
In theory the above should work both windows home and pro,
if you have pro edition poledit may allow the same thing,
but if you are using a microsoft account I doubt you can
just untick password expiry in advanced user editor on those.
Microsoft should add a tick box to the screen where you can
set location or advertising ID that reads "are you an
elderly person or person of limited technical skill" which
stops anything in the windows look and feel ever changing,
and doesn’t force people to use online account nonsense!
Would make everyone’s lives easier if it actually worked too!
ad...@reviews.wox.org
Jun 22, 2025, 10:26:18 PMJun 22
to 2600-au...@googlegroups.com
RE re re followup, pretty sure this command only works on
non-microsoft accounts, so hopefully this doesn't become a
common problem, and it was only some isolated issue..
On 23/06/2025 12:20 pm, ad...@reviews.wox.org wrote:
> Set-LocalUser -Name "USERNAME" -PasswordNeverExpires $true
>
> Replace USERNAME with the user account name text.
>
non-microsoft accounts, so hopefully this doesn't become a
common problem, and it was only some isolated issue..
On 23/06/2025 12:20 pm, ad...@reviews.wox.org wrote:
> Set-LocalUser -Name "USERNAME" -PasswordNeverExpires $true
>
> Replace USERNAME with the user account name text.
>
Reply all
Reply to author
Forward
0 new messages