Change PIN Complexity Requirements Policy in Windows 10

November 22nd, 2016 by Admin Leave a reply »

PIN login was first introduced in Windows 8 that lets users to login with a four-digit number. The PIN is really short and simple that could be compromised easily by hackers.

Thankfully, Windows 10 includes the PIN complexity feature that allows to set up a complex PIN with special characters, uppercase / lowercase letters. The PIN isn’t restricted to four digits and it can be as complex as Windows text-based password. In this tutorial we’ll show you how to change / enable the PIN complexity requirements policy in Windows 10.

Part 1: Enable PIN Complexity Group Policy in Windows 10

  1. Press the Windows key + R keyboard shortcut, type gpedit.msc in the Run box and press Enter. This will open the Local Group Policy Editor.

    gpedit

  2. Navigate to the following location on the left side:

    Computer Configuration > Administrative Templates > System > PIN Complexity

    If you’re running Windows 10 Anniversary Update (version 1607) or earlier, navigate to:

    Computer Configuration > Administrative Templates > Windows Components > Windows Hello for Business > PIN Complexity

  3. On the right side, you can see 8 different policies to customize PIN complexity. Note that changing PIN complexity does not impact existing PIN login, only affects new PIN created.

    pin-complexity-policy

    • Require digits: Your PIN must contain at least one digit number.
    • Require lowercase letters: Your PIN must contain at least one lowercase letter.
    • Require uppercase letters: Your PIN must contain at least one uppercase letter.
    • Expiration: This policy lets you set the number of days before the PIN expires and forces users to change PIN.

      pin-expiration

    • Maximum PIN length: This policy lets you set a maximum number of characters you can use to create a PIN.
    • Minimum PIN length: Determine the least number of characters that a PIN may contain. This should be less than the Maximum PIN length.

      minimum-pin-length

    • History: Prevent you from reusing previously used PINs. You can configure Windows to remember 0 to 50 history PINs.
    • Require special characters: Your PIN must contain at least one of these special characters: ! ” # $ % & ‘ ( ) * + , – . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~ .

      pin-special-chars

  4. Once you are done setting up the PIN complexity, restart Windows 10 to make your changes take effect. Now when you try to set up a new PIN, you can see the “PIN requirements” link under the PIN box. Click the link and you can view the PIN complexity requirements configured on your computer.

    pin-requirements

Part 2: Use Registry Editor to Enable PIN Complexity in Windows 10

If you are running Windows 10 Home edition, then you’re unable to access the Local Group Policy Editor. In that case you can use the Windows Registry Editor to enable PIN complexity.

  1. Press the Windows key + R keyboard shortcut, type regedit in the Run box and press Enter. This will open the Registry Editor.

    regedit-via-run

  2. Navigate to the following key on the left side:
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\PassportForWork\PINComplexity

    If the PINComplexity key doesn’t exist, you need to create it manually.

  3. On the right side, you can create separate DWORD values for each PIN complexity policy. For example, if you want to set the PIN to expire after 30 days, right-click the empty space and select New -> DWORD (32-bit) Value, name the newly-created value as Expiration. Double-click on it, enter 30 (Decimal) in the Value Data box and click OK.

    PINComplexity

    • Digits: Require digits
    • Expiration: Expiration
    • UppercaseLetters: Require uppercase letters
    • LowercaseLetters: Require lowercase letters
    • MaximumPINLength: Maximum PIN length
    • MinimumPINLength: Minimum PIN length
    • SpecialCharacters: Require special characters
  4. If you don’t want to enforce one of PIN complexity policies, just delete the corresponding DWORD value and you’re done. After you complete editing the registry, reboot Windows 10 to apply the new PIN complexity policy.