piratecarrot/disable-pin-and-passcode.ps1

## disable-pin-and-passcode.ps1
# Disabled flag, used to check and enable or disable login provider.
# 1 = Disabled credential provider
# 0 = Enabled credential provider
$DisbaleFlag = "1"

# Registry keys for removing Password and Pin login.
$registryKeys =
@(
    [pscustomobject]@{Name="PasswordProvider";Location="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{60b78e88-ead8-445c-9cfd-0b87f74ea6cd}";Key="Disabled";Value="1"},
    # [pscustomobject]@{Name="PINLogonProvider";Location="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{cb82ea12-9f71-446d-89e1-8d0924e1256e}";Key="Disabled";Value="1"},
    # [pscustomobject]@{Name="IrisCredentialProvider";Location="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35}";Key="Disabled";Value="1"},
    [pscustomobject]@{Name="NGC Credential Provider";Location="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{D6886603-9D2F-4EB2-B667-1971041FA96B}";Key="Disabled";Value="1"}

)
Write-output "Starting check for providers." | Out-File $env:temp\credprovlog.txt
Write-output "" | Out-File $env:temp\credprovlog.txt
foreach ($registrykey in $registryKeys)
{
    Write-output "Checking Credential Provider $($registrykey.Name)" | Out-File $env:temp\credprovlog.txt
    Write-output "----------------------------------------------------------------------------------------" | Out-File $env:temp\credprovlog.txt
    $value = (Get-ItemProperty $registrykey.Location  -ErrorAction SilentlyContinue).$($registrykey.Key)
    If ($value -eq "1")
    {
        Write-output "  $($registrykey.Name) Credential Provider exists, currently set to disabled login." | Out-File $env:temp\credprovlog.txt
        If ($DisbaleFlag -eq "0")
        {
            Write-output "  Enabling Credential Provider $($registrykey.Name)" | Out-File $env:temp\credprovlog.txt
            try
            {
                New-ItemProperty -Path $registrykey.Location -Name $($registrykey.Key) -Value "0" -Force -ErrorAction SilentlyContinue  | Out-Null
            }
            catch
            {
                Write-output "  Error - Enabling Credential Provider $($registrykey.Name)" | Out-File $env:temp\credprovlog.txt
            }
        }
    }
    Else
    {
        Write-output "  $($registrykey.Name) Credential Provider exists does not exist or is set to enabled"
        If ($DisbaleFlag -eq "1")
        {
            Write-output "  Disabling Credential Provider $($registrykey.Name)" | Out-File $env:temp\credprovlog.txt
            try
            {
                New-ItemProperty -Path $registrykey.Location -Name $($registrykey.Key) -Value "1" -Force -ErrorAction SilentlyContinue | Out-Null
            }
            catch
            {
                Write-output "  Error - Disabling Credential Provider $($registrykey.Name)" | Out-File $env:temp\credprovlog.txt
            }
        }
    }
    Write-output "----------------------------------------------------------------------------------------" | Out-File $env:temp\credprovlog.txt
}
Write-output "Completed." | Out-File $env:temp\credprovlog.txt

## enable-pin-and-passcode.ps1
# Disabled flag, used to check and enable or disable login provider.
# 1 = Disabled credential provider
# 0 = Enabled credential provider
$DisbaleFlag = "0"

# Registry keys for removing Password and Pin login.
$registryKeys =
@(
    [pscustomobject]@{Name="PasswordProvider";Location="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{60b78e88-ead8-445c-9cfd-0b87f74ea6cd}";Key="Disabled";Value="1"},
    [pscustomobject]@{Name="PINLogonProvider";Location="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{cb82ea12-9f71-446d-89e1-8d0924e1256e}";Key="Disabled";Value="1"},
    [pscustomobject]@{Name="IrisCredentialProvider";Location="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35}";Key="Disabled";Value="1"},
    [pscustomobject]@{Name="NGC Credential Provider";Location="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{D6886603-9D2F-4EB2-B667-1971041FA96B}";Key="Disabled";Value="1"}

)

Write-output "Starting check for providers." | Out-File $env:temp\credprovlog.txt
Write-output "" | Out-File $env:temp\credprovlog.txt
foreach ($registrykey in $registryKeys)
{
    Write-output "Checking Credential Provider $($registrykey.Name)" | Out-File $env:temp\credprovlog.txt
    Write-output "----------------------------------------------------------------------------------------" | Out-File $env:temp\credprovlog.txt
    $value = (Get-ItemProperty $registrykey.Location  -ErrorAction SilentlyContinue).$($registrykey.Key)
    If ($value -eq "1")
    {
        Write-output "  $($registrykey.Name) Credential Provider exists, currently set to disabled login." | Out-File $env:temp\credprovlog.txt
        If ($DisbaleFlag -eq "0")
        {
            Write-output "  Enabling Credential Provider $($registrykey.Name)" | Out-File $env:temp\credprovlog.txt
            try
            {
                New-ItemProperty -Path $registrykey.Location -Name $($registrykey.Key) -Value "0" -Force -ErrorAction SilentlyContinue  | Out-Null
            }
            catch
            {
                Write-output "  Error - Enabling Credential Provider $($registrykey.Name)" | Out-File $env:temp\credprovlog.txt
            }
        }
    }
    Else
    {
        Write-output "  $($registrykey.Name) Credential Provider exists does not exist or is set to enabled"
        If ($DisbaleFlag -eq "1")
        {
            Write-output "  Disabling Credential Provider $($registrykey.Name)" | Out-File $env:temp\credprovlog.txt
            try
            {
                New-ItemProperty -Path $registrykey.Location -Name $($registrykey.Key) -Value "1" -Force -ErrorAction SilentlyContinue | Out-Null
            }
            catch
            {
                Write-output "  Error - Disabling Credential Provider $($registrykey.Name)" | Out-File $env:temp\credprovlog.txt
            }
        }
    }
    Write-output "----------------------------------------------------------------------------------------" | Out-File $env:temp\credprovlog.txt
}
Write-output "Completed." | Out-File $env:temp\credprovlog.txt
	# Disabled flag, used to check and enable or disable login provider.
	# 1 = Disabled credential provider
	# 0 = Enabled credential provider
	$DisbaleFlag = "1"

	# Registry keys for removing Password and Pin login.
	$registryKeys =
	@(
	[pscustomobject]@{Name="PasswordProvider";Location="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{60b78e88-ead8-445c-9cfd-0b87f74ea6cd}";Key="Disabled";Value="1"},
	# [pscustomobject]@{Name="PINLogonProvider";Location="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{cb82ea12-9f71-446d-89e1-8d0924e1256e}";Key="Disabled";Value="1"},
	# [pscustomobject]@{Name="IrisCredentialProvider";Location="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35}";Key="Disabled";Value="1"},
	[pscustomobject]@{Name="NGC Credential Provider";Location="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{D6886603-9D2F-4EB2-B667-1971041FA96B}";Key="Disabled";Value="1"}

	)
	Write-output "Starting check for providers." \| Out-File $env:temp\credprovlog.txt
	Write-output "" \| Out-File $env:temp\credprovlog.txt
	foreach ($registrykey in $registryKeys)
	{
	Write-output "Checking Credential Provider $($registrykey.Name)" \| Out-File $env:temp\credprovlog.txt
	Write-output "----------------------------------------------------------------------------------------" \| Out-File $env:temp\credprovlog.txt
	$value = (Get-ItemProperty $registrykey.Location -ErrorAction SilentlyContinue).$($registrykey.Key)
	If ($value -eq "1")
	{
	Write-output " $($registrykey.Name) Credential Provider exists, currently set to disabled login." \| Out-File $env:temp\credprovlog.txt
	If ($DisbaleFlag -eq "0")
	{
	Write-output " Enabling Credential Provider $($registrykey.Name)" \| Out-File $env:temp\credprovlog.txt
	try
	{
	New-ItemProperty -Path $registrykey.Location -Name $($registrykey.Key) -Value "0" -Force -ErrorAction SilentlyContinue \| Out-Null
	}
	catch
	{
	Write-output " Error - Enabling Credential Provider $($registrykey.Name)" \| Out-File $env:temp\credprovlog.txt
	}
	}
	}
	Else
	{
	Write-output " $($registrykey.Name) Credential Provider exists does not exist or is set to enabled"
	If ($DisbaleFlag -eq "1")
	{
	Write-output " Disabling Credential Provider $($registrykey.Name)" \| Out-File $env:temp\credprovlog.txt
	try
	{
	New-ItemProperty -Path $registrykey.Location -Name $($registrykey.Key) -Value "1" -Force -ErrorAction SilentlyContinue \| Out-Null
	}
	catch
	{
	Write-output " Error - Disabling Credential Provider $($registrykey.Name)" \| Out-File $env:temp\credprovlog.txt
	}
	}
	}
	Write-output "----------------------------------------------------------------------------------------" \| Out-File $env:temp\credprovlog.txt
	}
	Write-output "Completed." \| Out-File $env:temp\credprovlog.txt