A Windows 10 user logs into a PC using a Microsoft account and uses the PC. The user enables PIN code access, so it is now possible to log in to that PC using just the PIN.
The PIN is then compromised and the PC is physically no longer accessible to the original user.
How can the user make it impossible for an evil user with access to the laptop and knowledge of the compromised PIN to log in?
Here is what we already tried (helping a friend):
- Changed the password on the Microsoft account. This did not prevent the login with the PIN code (testing on another laptop).
- Went to Microsoft Account and removed the device in question from "your devices". It was still possible to log in with the PIN code on the test laptop.
Is it really possible that after enabling the PIN code logon, if the PIN code is compromised, you cannot prevent an evil user from using your account on that laptop?
If not, what to do?
Remember:
- No physical access to PC any longer
- Password already reset
- Already tried removing it from "your devices" https://account.microsoft.com/devices