This just happened to me so I wanted to share my findings as a warning to others.
If you use Windows Hello PIN to gain entry to your PC from the lock screen, be aware of an issue I encountered when using MSCONFIG to boot in safe mode (no networking) during a conventional round of debugging.
Safe Mode launched, and presented the Lock Screen, but instead of an option to enter the PIN, you get a “something went wrong – pin unavailable” message, and a clickable option beneath that to “set up a new pin” which, of course, completely fails.
I believe the issue relates to the system attempting to check your PIN externally, but not finding an internet connection. However, instead of offering the secondary option of logging in to the local account, you get nothing other than the error messages described above.
This is a major problem. And here’s why :
You cannot get out of this situation.
When rebooting, windows still attempts to boot in safe mode, and the problem presents itself again.
I tried the following to get out of this loop:
a) Hit the tab key multiple times to try and cajole the account-password login to appear. It didn’t.
b) SHIFT-CLICK the Restart option on the lock screen to open recovery console. This worked, but it didn’t help …
c) Used the windows startup troubleshooter. It couldn’t find anything wrong.
d) Opened an MSDOS prompt and set <b>bcdedit /deletevalue {current} safeboot.</b>
Upon rebooting, I could tell we weren’t going into safe mode anymore, but I still ended up at the same lock screen with the same problem – something wrong with pin. Click to setup a new one. Setup fails. No access to desktop.
e) Used recovery console and command line to delete the contents of the NGC folder. This DID have an affect : Upon rebooting, there was just a lock screen but no Windows Hello prompt whatsoever, no response to clicking. Just a blurred (no doubt quite beautiful) bit of background scenery.
f) In desperation, decided to wipe / reset windows, and use my backup from that morning to restore the o/s partition. I used my Veeam recovery disk and booted off that. Veeam let me down. Upon attempting to restore the volume, Veeam reported it was unable to do so due to a lack of permissions and a volume mismatch. So much for that (now looking for an alternative backup solution, too!).
g) Back in the Windows recovery console next was a Windows Reset, keeping my files. This failed. After rebooting following the reset, the same problem occured and I couldn’t get into the o/s.
g) Tries again – a windows reset, deleting my files. This DID get me back into the windows desktop via a new user account through the conventional setup process.
At this point, I had no option but to throw in the towel, and just set up the o/s to my liking.
I have now disabled Windows Hello PIN, and I recommend you do the same.
Remember this happened just by using MSCONFIG from my ADMIN account, to go into safe boot without networking. From that little decision, an entire day was lost (several in fact). I find it unconscionable that this could happen, but there you go. Maybe I hit a combo that Microsoft hadn’t expected, but if anyone reading this can shed some light on the original issue or avoid themselves going down the same road to hell, then I’d be interested to hear!
Thanks folks!
Marc
