STIG ID: WN10-CC-000370 | SRG: SRG-OS-000095-GPOS-00049 | Severity: medium | CCI: | Vulnerability Id: V-220870
This policy controls whether a domain user can sign in using a convenience PIN to prevent enabling (Password Stuffer).
Disable the convenience PIN sign-in.
If this needs to be corrected configure the policy value for Computer Configuration >> Administrative Templates >> System >> Logon >> Set "Turn on convenience PIN sign-in" to "Disabled”.
If the following registry value does not exist or is not configured as specified, this is a finding.
Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \Software\Policies\Microsoft\Windows\System
Value Name: AllowDomainPINLogon
Value Type: REG_DWORD
Value data: 0