Apply suggestions from code review

Apply mostly Acrolinx hyphen fixes 
whats-new...-10-2015.md
https://microsoft-ce-csi.acrolinx.cloud/api/v1/checking/scorecards/40333b15-61cf-454b-bf90-a1c67f6d7d54#CORRECTNESS
successful sign in > successful sign-in
administrative sign in > administrative sign-in

whats-new...-10-2021.md
https://microsoft-ce-csi.acrolinx.cloud/api/v1/checking/scorecards/a6ab218a-059d-4a9b-8a72-3f66086590e9#CORRECTNESS
Enabling passwordless sign in > Enabling passwordless sign-in 
password-less sign in > password-less sign in

whats-new...and-1511.md
https://microsoft-ce-csi.acrolinx.cloud/api/v1/checking/scorecards/7ec86fba-ac0f-4c41-9bcb-1f24710a59c3#CORRECTNESS
successful sign in > successful sign-in
"administrative sign in" > "administrative sign-in" 

whats-new...ion-1703.md
https://microsoft-ce-csi.acrolinx.cloud/api/v1/checking/scorecards/a653d7e8-8ed5-4a8b-9975-9ce13d7ca166#CORRECTNESS
displayed during sign in. > displayed during sign-in.

whats-new...ion-1803.md
https://microsoft-ce-csi.acrolinx.cloud/api/v1/checking/scorecards/46d94f81-3c35-4b8e-ba3f-67d7c2068239#CORRECTNESS
 faster sign in, > faster sign-in,

whats-new...ion-1809.md
https://microsoft-ce-csi.acrolinx.cloud/api/v1/checking/scorecards/181fce21-0f94-4381-9acc-b34a8eb71b7d#CORRECTNESS
Windows sign in > Windows sign-in 

whats-new...ion-1903.md
https://microsoft-ce-csi.acrolinx.cloud/api/v1/checking/scorecards/e4522b50-b9f3-4302-a77e-de0213098209#CORRECTNESS
password-less sign in > password-less sign-in 

whats-new...ion-2004.md
https://microsoft-ce-csi.acrolinx.cloud/api/v1/checking/scorecards/85ad656b-3c21-48a1-9225-90319374d094#CORRECTNESS
passwordless sign in > passwordless sign-in

whats-new...ion-20H2.md
https://microsoft-ce-csi.acrolinx.cloud/api/v1/checking/scorecards/163b5352-672c-4ed0-a93b-fc2e529d65b7#CORRECTNESS

And two British periods to American periods.

windows/whats-new/ltsc/whats-new-windows-10-2015.md

@@ -44,7 +44,7 @@ Enhancements to AppLocker in Windows 10 include:
 
 -   **Encrypt and recover your device with Azure Active Directory**. In addition to using a Microsoft Account, automatic [Device Encryption](/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10#device-encryption) can now encrypt your devices that are joined to an Azure Active Directory domain. When the device is encrypted, the BitLocker recovery key is automatically escrowed to Azure Active Directory. This escrow will make it easier to recover your BitLocker key online.
 -   **DMA port protection**. You can use the [DataProtection/AllowDirectMemoryAccess](/windows/client-management/mdm/policy-configuration-service-provider#dataprotection-allowdirectmemoryaccess) MDM policy to block DMA ports when the device is starting up. Also, when a device is locked, all unused DMA ports are turned off, but any devices that are already plugged into a DMA port will continue to work. When the device is unlocked, all DMA ports are turned back on.
--   **New Group Policy for configuring pre-boot recovery**. You can now configure the pre-boot recovery message and recover URL that is shown on the pre-boot recovery screen. For more info, see the [Configure pre-boot recovery message and URL](/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#bkmk-configurepreboot) section in "BitLocker Group Policy settings".
+-   **New Group Policy for configuring pre-boot recovery**. You can now configure the pre-boot recovery message and recover URL that is shown on the pre-boot recovery screen. For more info, see the [Configure pre-boot recovery message and URL](/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#bkmk-configurepreboot) section in "BitLocker Group Policy settings."
 
 [Learn how to deploy and manage BitLocker within your organization](/windows/device-security/bitlocker/bitlocker-overview).
 

windows/whats-new/ltsc/whats-new-windows-10-2021.md

@@ -143,7 +143,7 @@ Windows Hello enhancements include:
 - Windows Hello for Business now has Hybrid Azure Active Directory support and phone number sign-in (Microsoft account). FIDO2 security key support is expanded to Azure Active Directory hybrid environments, enabling enterprises with hybrid environments to take advantage of [passwordless authentication](/azure/active-directory/authentication/howto-authentication-passwordless-security-key-on-premises). For more information, see [Expanding Azure Active Directory support for FIDO2 preview to hybrid environments](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/expanding-azure-active-directory-support-for-fido2-preview-to/ba-p/981894).
 - With specialized hardware and software components available on devices shipping with Windows 10, version 20H2 configured out of factory, Windows Hello now offers added support for virtualization-based security with supporting fingerprint and face sensors. This feature isolates and secures a user's biometric authentication data.
 - Windows Hello multi-camera support is added, allowing users to choose an external camera priority when both external and internal Windows Hello-capable cameras are present.
-- [Windows Hello FIDO2 certification](https://fidoalliance.org/microsoft-achieves-fido2-certification-for-windows-hello/): Windows Hello is now a FIDO2 Certified authenticator and enables password-less sign in for websites supporting FIDO2 authentication, such as Microsoft account and Azure AD.
+- [Windows Hello FIDO2 certification](https://fidoalliance.org/microsoft-achieves-fido2-certification-for-windows-hello/): Windows Hello is now a FIDO2 Certified authenticator and enables password-less sign-in for websites supporting FIDO2 authentication, such as Microsoft account and Azure AD.
 - [Streamlined Windows Hello PIN reset experience](/windows/security/identity-protection/hello-for-business/hello-videos#windows-hello-for-business-forgotten-pin-user-experience): Microsoft account users have a revamped Windows Hello PIN reset experience with the same look and feel as signing in on the web.
 - [Remote Desktop with Biometrics](/windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop#remote-desktop-with-biometrics): Azure Active Directory and Active Directory users using Windows Hello for Business can use biometrics to authenticate to a remote desktop session.
 
@@ -189,7 +189,6 @@ Windows Management Instrumentation (WMI) Group Policy Service (GPSVC) has a perf
 #### Key-rolling and Key-rotation
 
 This release also includes two new features called Key-rolling and Key-rotation enables secure rolling of Recovery passwords on MDM-managed Azure Active Directory devices on demand from Microsoft Intune/MDM tools or when a recovery password is used to unlock the BitLocker protected drive. This feature will help prevent accidental recovery password disclosure as part of manual BitLocker drive unlock by users.
-s
 ## Deployment
 
 ### SetupDiag

windows/whats-new/whats-new-windows-10-version-1507-and-1511.md

@@ -57,7 +57,7 @@ With Windows 10, you can create provisioning packages that let you quickly and e
 
 -   **Encrypt and recover your device with Azure Active Directory**. In addition to using a Microsoft Account, automatic [Device Encryption](/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10#device-encryption) can now encrypt your devices that are joined to an Azure Active Directory domain. When the device is encrypted, the BitLocker recovery key is automatically escrowed to Azure Active Directory. This escrow will make it easier to recover your BitLocker key online.
 -   **DMA port protection**. You can use the [DataProtection/AllowDirectMemoryAccess](/windows/client-management/mdm/policy-configuration-service-provider#dataprotection-allowdirectmemoryaccess) MDM policy to block DMA ports when the device is starting up. Also, when a device is locked, all unused DMA ports are turned off, but any devices that are already plugged into a DMA port will continue to work. When the device is unlocked, all DMA ports are turned back on.
--   **New Group Policy for configuring pre-boot recovery**. You can now configure the pre-boot recovery message and recover URL that is shown on the pre-boot recovery screen. For more info, see the [Configure pre-boot recovery message and URL](/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#bkmk-configurepreboot) section in "BitLocker Group Policy settings".
+-   **New Group Policy for configuring pre-boot recovery**. You can now configure the pre-boot recovery message and recover URL that is shown on the pre-boot recovery screen. For more info, see the [Configure pre-boot recovery message and URL](/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#bkmk-configurepreboot) section in "BitLocker Group Policy settings."
 
 [Learn how to deploy and manage BitLocker within your organization](/windows/device-security/bitlocker/bitlocker-overview).
 
@@ -101,7 +101,7 @@ In Windows 10, security auditing has added some improvements:
 
 In Windows 10, two new audit subcategories were added to the Advanced Audit Policy Configuration to provide greater granularity in audit events:
 -   [Audit Group Membership](/windows/device-security/auditing/audit-group-membership) Found in the Logon/Logoff audit category, the Audit Group Membership subcategory allows you to audit the group membership information in a user's sign-in token. Events in this subcategory are generated when group memberships are enumerated or queried on the PC where the sign-in session was created. For an interactive logon, the security audit event is generated on the PC that the user logged on to. For a network logon, such as accessing a shared folder on the network, the security audit event is generated on the PC hosting the resource.
-    When this setting is configured, one or more security audit events are generated for each successful sign in. You must also enable the **Audit Logon** setting under **Advanced Audit Policy Configuration\\System Audit Policies\\Logon/Logoff**. Multiple events are generated if the group membership information can't fit in a single security audit event.
+    When this setting is configured, one or more security audit events are generated for each successful sign-in. You must also enable the **Audit Logon** setting under **Advanced Audit Policy Configuration\\System Audit Policies\\Logon/Logoff**. Multiple events are generated if the group membership information can't fit in a single security audit event.
 -   [Audit PNP Activity](/windows/security/threat-protection/auditing/audit-pnp-activity) Found in the Detailed Tracking category, the Audit PNP Activity subcategory allows you to audit when plug and play detects an external device.
     Only Success audits are recorded for this category. If you don't configure this policy setting, no audit event is generated when an external device is detected by plug and play.
     A PnP audit event can be used to track down changes in system hardware and will be logged on the PC where the change took place. A list of hardware vendor IDs are included in the event.
@@ -132,7 +132,7 @@ The sign-in event ID 4624 has been updated to include more verbose information t
 1.  **MachineLogon** String: yes or no
     If the account that logged into the PC is a computer account, this field will be yes. Otherwise, the field is no.
 2.  **ElevatedToken** String: yes or no
-    If an account signed in to the PC through the "administrative sign in" method, this field will be yes. Otherwise, the field is no. Additionally, if this field is part of a split token, the linked sign-in ID (LSAP\_LOGON\_SESSION) will also be shown.
+    If an account signed in to the PC through the "administrative sign in"-method, this field will be yes. Otherwise, the field is no. Additionally, if this field is part of a split token, the linked sign-in ID (LSAP\_LOGON\_SESSION) will also be shown.
 3.  **TargetOutboundUserName** String
     **TargetOutboundUserDomain** String
     The username and domain of the identity that was created by the LogonUser method for outbound traffic.

windows/whats-new/whats-new-windows-10-version-1809.md

@@ -245,7 +245,7 @@ Do you have shared devices deployed in your work place? **Fast sign-in** enables
 >[!IMPORTANT]
 >This is a private preview feature and therefore not meant or recommended for production purposes. This setting is not currently supported at this time.
 
-Until now, Windows sign in only supported the use of identities federated to ADFS or other providers that support the WS-Fed protocol. We're introducing **web sign-in**, a new way of signing into your Windows PC. Web sign-in enables Windows sign-in support for credentials not available on Windows. Web sign-in is restricted to only support Azure AD temporary access pass.
+Until now, Windows sign-in only supported the use of identities federated to ADFS or other providers that support the WS-Fed protocol. We're introducing **web sign-in**, a new way of signing into your Windows PC. Web sign-in enables Windows sign-in support for credentials not available on Windows. Web sign-in is restricted to only support Azure AD temporary access pass.
 
 **To try out web sign-in:**
 1. Azure AD Join your Windows 10 PC. (Web sign-in is only supported on Azure AD Joined PCs).
@@ -268,8 +268,7 @@ Android phone users, you can finally stop emailing yourself photos. With Your Ph
 
 For iPhone users, **Your Phone** app also helps you to link your phone to your PC. Surf the web on your phone, then send the webpage instantly to your computer to continue what you’re doing-read, watch, or browse-with all the benefits of a bigger screen. 
 
-> [!div class="mx-imgBorder"]
+:::image type="content" source="images/your-phone.png" alt-text="Your phone.":::
-> ![your phone.](images/your-phone.png "your phone")
 
 The desktop pin takes you directly to the **Your Phone** app for quicker access to your phone’s content. You can also go through the all apps list in Start, or use the Windows key and search for **Your Phone**. 
 

windows/whats-new/whats-new-windows-10-version-1903.md

@@ -118,7 +118,7 @@ This new feature is displayed under the Device Security page with the string “
 
 ### Identity Protection
 
-- [Windows Hello FIDO2 certification](https://fidoalliance.org/microsoft-achieves-fido2-certification-for-windows-hello/): Windows Hello is now a FIDO2 Certified authenticator and enables password-less sign in for websites supporting FIDO2 authentication, such as Microsoft account and Azure AD.
+- [Windows Hello FIDO2 certification](https://fidoalliance.org/microsoft-achieves-fido2-certification-for-windows-hello/): Windows Hello is now a FIDO2 Certified authenticator and enables password-less sign-in for websites supporting FIDO2 authentication, such as Microsoft account and Azure AD.
 - [Streamlined Windows Hello PIN reset experience](/windows/security/identity-protection/hello-for-business/hello-videos#windows-hello-for-business-forgotten-pin-user-experience): Microsoft account users have a revamped Windows Hello PIN reset experience with the same look and feel as signing in on the web.
 - Sign-in with [Password-less](/windows/security/identity-protection/hello-for-business/passwordless-strategy) Microsoft accounts: Sign in to Windows 10 with a phone number account. Then use Windows Hello for an even easier sign-in experience!
 - [Remote Desktop with Biometrics](/windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop#remote-desktop-with-biometrics): Azure Active Directory and Active Directory users using Windows Hello for Business can use biometrics to authenticate to a remote desktop session.