A PIN is an additional security feature available in Windows 10 and Windows 8.1 to protect your user account and all the sensitive data inside it. When enabled, it can be entered instead of the password. Unlike a password, a PIN does not require the user to press the Enter key to sign in and it can be a short 4 digit number. Once you enter the correct PIN, you will be signed in to your Windows 10 account immediately. If you need to change your PIN complexity requirements, here is how it can be done in Windows 10.
The main difference between a PIN and a password is the device on which they can be used.
- While you can use your password to sign in to your Microsoft account from any device and any network, a PIN can only be used with one device where you created it. Think of it as a password for a local (non-Microsoft) account.
- When you are signing in with a password on a device which is online, it is transmitted to Microsoft's servers for verification. A PIN won't be sent anywhere and truly acts like a local password stored on your PC.
- If your device comes with a TPM module, the PIN will be protected and encrypted additionally thanks to the TPM hardware support. For example, it will protect against PIN brute-force attacks. After too many incorrect guesses, the device will become locked.
However, a PIN does not replace the password. To set up a PIN, it is necessary to have a password set for your user account.
Note: If you need to start the computer in Safe Mode, the PIN does not work.
To configure Minimum and Maximum PIN Length in Windows 10, do the following.
Before proceeding, ensure that your user account has administrative privileges. Now, follow the instructions below.
- Open the Registry Editor app.
- Go to the following Registry key.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\PassportForWork\PINComplexity
See how to go to a Registry key with one click.
Note: If you don't have such a key in the Registry, just create it. In my case, I had to create the PassportForWork key, and then the PINComplexity key.
- On the right, create a new 32-Bit DWORD value "MinimumPINLength". Set it to to the desired value in decimals for minimum PIN length. The value data can be between 4 and 127.
Note: Even if you are running 64-bit Windows you must still create a 32-bit DWORD value.
- If you need to set the maximum PIN length, create a new 32-bit DWORD "MaximumPINLength" and enter a number between 4 and 127 in decimals as its value data.
- Restart Windows 10.
If you are running Windows 10 Pro, Enterprise, or Education edition, you can use the Local Group Policy Editor app to configure the options mentioned above with a GUI.
- Press Win + R keys together on your keyboard and type:
gpedit.msc
Press Enter.
- Group Policy Editor will open. Go to Computer Configuration\Administrative Templates\System\PIN Complexity. Configure the PIN length requirements and you are done.
That's it.
Support us
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
Sergey,
thanks for the daily items / puzzles / solutions / tips about Win 10 (and sometimes Linux).
Todays item about how to configure the pin makes me ask you the following question:
which Windows API has to be called to change these settings?
I am just a simple programmer in Liberty Basic and like to work with API’s.
Do you know if the PIN in Windows 8.1 can have the length requirements changed?
I did use the registry values above but always the UI complains “PIN must be 4 digits”.
Maybe the UI won’t allow it, but do you know of any utilities or API’s that can set a longer PIN?