At the initial setting of Windows 11, a setup of PIN and face authentication is executed, but this authentication is configured to automatically use the information stored in TPM.
If TPM 2.0 is available on a PC (if it is not available, protect the key using the software -based method), and a public key/private key pair will be created within the TPM.When authenticating a user, it is necessary to access the key in the TPM and obtain a signature, but it is necessary to prove that the user is the owner of the private key.For this reason, PIN or biometric authentication is used.
In short, the PIN entered at the time -in is not used for authentication, but is used only as a PIN to access TPM.
In Windows 11, TPM is widely used, such as BitLocker, device encryption, and Credential Guard, but it is the PIN at the time of this sign -in that can feel the most familiar TPM.
As shown in the following related articles, there is also a method of avoiding TPM checks at the time of installation, but it is not recommended, so it should be used for verification purposes.
関連記事Microsoft, how to install Windows 11 by avoiding TPM 2.0 checks