I have just started using enpass and I love it, mostly because of its compatibility with Windows Hello facial recognition. Now I noticed that, when facial recognition does not work, you are able to log in using your Windows Hello PIN. I can imagine this undermines security quite a bit, since my PIN is much easier to break than my master password. So would it not be better to ask for the master password, whenever facial recognition is failing?