Windows allows the use of PINs and biometrics for authentication without sending a password to a network or website where it could be compromised. Longer minimum PIN lengths increase the available combinations an attacker would have to attempt. Shorter minimum length significantly reduces the strength.
Note: A different registry location is needed when systems are managed by Intune versus GPO.
Check
If the following registry value does not exist or is not configured as specified, this is a finding:
Configure the policy value for Computer Configuration >> Administrative Templates >> System >> PIN Complexity >> "Minimum PIN length" to "6" or greater.
For Intune-managed systems:
Revise the Intune policy to set the minimum PIN length to "6" or greater.