Windows 10 fingerprint login changes default login method back to password

I have a Lenovo laptop running Windows 10 that I use both standalone when I'm on the go, and connected through a dock to a monitor, keyboard, and mouse when I'm at home.

When I'm out, I use the fingerprint reader to log in. However, when I use it at home, I have the cover closed, so the fingerprint reader is not easily accessible, so I use the keyboard to log in.

When using the keyboard to log in, I prefer to log in via PIN, rather than password. If I log in via PIN multiple times while I'm at home, it remembers my last login method each time, and makes PIN the default login option. However, if at any point, I use fingerprint login, it changes the default login method back to Keyboard, so the next time I use it at home, I have to do two mouse clicks to change it back to PIN again. I know it's not a huge problem, but it is annoying to have to do that.

Is there a way to prevent it from switching the default login method from PIN back to Password every time I use the fingerprint reader to log in?


Solution 1:

Check this article on how to set your default sign-in option in Windows 10 using a registry tweak.

  1. From the Command Prompt execute the following command to get your user account's SID: wmic useraccount get name,sid

  2. Press the Windows + R keys together, and then type regedit and hit Enter to access Registry Editor.

  3. Navigate to the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\UserTile

  4. Find your current account's SID on the right pane, and double-click on it to modify.

  5. Type {D6886603-9D2F-4EB2-B667-1971041FA96B} in the Value data field and click OK.

  6. Reboot your computer and it will display PIN as your default sign-in option on the logon screen.

GUID for each sign-in option:

  • PIN: {D6886603-9D2F-4EB2-B667-1971041FA96B}
  • Picture Logon: {2135F72A-90B5-4ED3-A7F1-8BB705AC276A}
  • Password: {60B78E88-EAD8-445C-9CFD-0B87F74EA6CD}
  • Fingerprint Logon: {BEC09223-B018-416D-A0AC-523971B639F5}

Solution 2:

There is a way to force Windows 10 to default to the Windows Hello Fingerprint Login screen, regardless of the previous login method (password or PIN). The idea is to prevent the system from changing the login method associated with your user account in the registry on every boot.

IMPORTANT: Set a System Restore point first, just in case something goes wrong. Best to be safe!

  1. Find you user name's SID by entering the following in a command prompt window

    wmic useraccount get name,sid
    

    Make a note of the SID so you can find it in the next steps.

  2. Using RegEdit, navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\UserTile

  3. Find your user key SID and change the value to {BEC09223-B018-416D-A0AC-523971B639F5} (include the brackets) which is the fingerprint logon method. It may be already there, depending on the login method used when you last booted up. If so, just leave it as is.

  4. Right click the UserTile folder and click Permissions

  5. Click Advanced and in the new window, click Disable inheritance and select Convert inherited permission into explicit permission on this object in the popup window, then click Apply.

  6. Double-click on "Administrators", click on "Edit", and make sure that "Type" is set to "Allow" and that "Full Control" is checked, which should be the default. Assuming it is, click on "Cancel".

  7. Double-click on "System", click on 'Edit", set "Type" to "Deny", click "show advanced permissions"and uncheck all the boxes except for the "Set value" box. That is the only box that should checked.

  8. Check the box that says "Only apply these permissions to objects and/or containers within this container" if it is not already checked.

  9. Click OK on all boxes until all permissions windows are closed to save your settings.

  10. Just to make sure, right-click the UserTile key again, select "Permissions", click "Advanced" and go to the "Effective Access" tab in the window.

  11. Click "Select a user", type "SYSTEM" (without quotes"), click "OK", and click "View Effective Access". Confirm that there is an "X" next to "Full Control" and "Set Value", and that all the other entries still have a green checkmark. If so, you can just cancel out of all the permissions windows and close the registry editor. On every subsequent reboot, you should now see the Windows Hello fingerprint login screen.

This method worked perfectly for me. The only possible issue I see is if you decided to add a new user as the inability of the SYSTEM to change this key's registry values might be problematic, but I haven't tried it. In that case, you should be able to give full control back to SYSTEM permissions temporarily, add the user, and repeat the above steps to prevent the SYSTEM from from changing values in this UserTile registry key for both users. Note that you can set the default login method for each user individually.

If anyone is still following this thread and wants to try it, let me know if it worked out for you.