Enhanced Security Measures: PIN Verification for Updated Security Keys

Windows 11 Update Requires PIN for FIDO2 Security Keys

Microsoft has issued a warning to users regarding a new security measure for FIDO2 security keys after installing recent Windows updates. Starting with the September 2025 preview update, users may be prompted to enter a PIN when signing in.

This change affects devices running Windows 11 versions 24H2 or 25H2 when user verification is requested by an identity provider during authentication. Microsoft has implemented this change to comply with WebAuthn specifications, which govern how authentication methods handle user verification requests.

User verification confirms that the person holding the security key is present and authorized to use it, typically through a PIN or biometric check. WebAuthn lets a relying party request user verification as discouraged, preferred, or required. When the request is set to “preferred,” platforms must prompt users to set up a PIN if the authenticator supports user verification but has none configured.

The feature began rolling out to all Windows 11 devices after the KB5065789 preview update and was fully deployed with the November KB5068861 security update.

According to Microsoft, users may now be required to create a PIN to sign in with a security key after installing the Windows update (KB5065789 or later). This change is triggered when a Relying Party (RP) or Identity Provider (IDP) requests User Verification = Preferred during authentication with a FIDO2 security key lacking a PIN.

Organizations and services can prevent users from creating or entering PINs for security keys by setting user verification to “discouraged” in their WebAuthn configuration settings.

Microsoft emphasized that support for PIN setup in the authentication flow was added for consistency between registration and authentication processes.

FIDO2 security keys offer passwordless authentication by requiring physical possession of a USB, NFC, or Bluetooth token. This technology is gaining popularity as organizations seek to enhance security and deter password-related attacks like phishing and credential theft.
