A PIN is an additional security feature available in Windows 10 and Windows 8.1 to protect your user account and all the sensitive data inside it. When enabled, it can be entered instead of the password. Unlike a password, a PIN does not require the user to press the Enter key to sign in and it can be a short 4 digit number. Once you enter the correct PIN, you will be signed in to your Windows 10 account immediately. You can specify the number of past PINs that can’t be reused for a user account. Here is how it can be done.
The main difference between a PIN and a password is the device on which they can be used.
- While you can use your password to sign in to your Microsoft account from any device and any network, a PIN can only be used with one device where you created it. Think of it as a password for a local (non-Microsoft) account.
- When you are signing in with a password on a device which is online, it is transmitted to Microsoft's servers for verification. A PIN won't be sent anywhere and truly acts like a local password stored on your PC.
- If your device comes with a TPM module, the PIN will be protected and encrypted additionally thanks to the TPM hardware support. For example, it will protect against PIN brute-force attacks. After too many incorrect guesses, the device will become locked.
However, a PIN does not replace the password. To set up a PIN, it is necessary to have a password set for your user account.
Note: If you need to start the computer in Safe Mode, the PIN does not work.
Before proceeding, ensure that your user account has administrative privileges. Now, follow the instructions below.
To enable or disable PIN History in Windows 10, do the following.
- Open the Registry Editor app.
- Go to the following Registry key.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\PassportForWork\PINComplexity
See how to go to a Registry key with one click.
Note: If you don't have such a key in the Registry, just create it. In my case, I had to create the PassportForWork key, and then the PINComplexity key.
- To enable the PIN History feature, create a new 32-Bit DWORD value History on the right. Set its value data in decimals. It can be between 1 and 50 and the number of previous PINs to store in history.
Note: Even if you are running 64-bit Windows you must still create a 32-bit DWORD value. - To disable the PIN History feature, delete the History value. This is the default setting.
- Restart Windows 10.
Enable or Disable PIN History in Windows 10 with Local Group Policy Editor
If you are running Windows 10 Pro, Enterprise, or Education edition, you can use the Local Group Policy Editor app to configure the options mentioned above with a GUI.
- Press Win + R keys together on your keyboard and type:
gpedit.msc
- Group Policy Editor will open. Go to Computer Configuration\Administrative Templates\System\PIN Complexity. Configure the History option and you are done.
That's it.
Support us
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
You haven’t said what the PIN history setting of 1-50 actually does.
You can specify the number of past PINs that can’t be reused for a user account.
In the beginning of the article.
OK, thanks. I missed that.
No problem!