From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cygwin@tlinx.org>
Received: from Ishtar.sc.tlinx.org (ishtar.tlinx.org [173.164.175.65])
 by sourceware.org (Postfix) with ESMTPS id 3E22A3858C60
 for <cygwin@cygwin.com>; Mon, 20 Sep 2021 10:01:17 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 3E22A3858C60
Authentication-Results: sourceware.org;
 dmarc=none (p=none dis=none) header.from=tlinx.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=tlinx.org
Received: from [192.168.3.12] (Athenae [192.168.3.12])
 by Ishtar.sc.tlinx.org (8.14.7/8.14.4/SuSE Linux 0.8) with ESMTP id
 18KA0IcA080131; Mon, 20 Sep 2021 03:00:22 -0700
Message-ID: <61485B73.1090402@tlinx.org>
Date: Mon, 20 Sep 2021 02:59:15 -0700
From: L A Walsh <cygwin@tlinx.org>
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: "Henry S. Thompson" <ht@inf.ed.ac.uk>,
 "cygwin@cygwin.com" <cygwin@cygwin.com>
Subject: Re: Can't ssh to cygwin after switching sign-in to Windows Hello PIN
References: <f5bwnnla1qa.fsf@ecclerig.inf.ed.ac.uk>
 <74a78044-5ddd-c2f0-1d1b-bdb092a8c2b2@SystematicSw.ab.ca>
 <f5btuil39b4.fsf@ecclerig.inf.ed.ac.uk>
In-Reply-To: <f5btuil39b4.fsf@ecclerig.inf.ed.ac.uk>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-0.5 required=5.0 tests=BAYES_05, KAM_DMARC_STATUS,
 SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on
 server2.sourceware.org
X-BeenThere: cygwin@cygwin.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-request@cygwin.com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=subscribe>
X-List-Received-Date: Mon, 20 Sep 2021 10:01:18 -0000



On 2021/09/15 12:53, Henry S. Thompson via Cygwin wrote:
> frankly, it seems like a bug, and
> if Microsoft succeeds in moving more people to using PINs for login,
> it will surely begin to bite others...
----

Isn't the idea of using the PIN login to get rid of the use (and the
ability) to use passwords?

I agree with you that it is likely to cause problems, but creating
a block to using a password seems to be intentional.

It's a bit like some of the problems with the 'Oauth' system where
one provider (like google) provides a way to allow you to login to
other sites using your google authentication, but not requiring you
give the "other site" a password.  When I first read about it though,
it seemed like the authorization process required web access for
the authorization to be exchanged, but I'm not 100% sure about that.
If it required web-auth, that has its own set of problems.