Many of you use PINs to unlock your mobile devices because they are safe and each of them is unique to the device on which it is set. With this in mind, Microsoft added the PIN login feature to Windows devices, specifically Windows 8 and Windows 10 PCs, to allow users to log in with a unique digit number. Unlike a password, a PIN makes logging into your desktop faster, plus you don’t have to hit the Enter key.
PINs are usually shorter than passwords and can only be used on one device. However, you can create long PINs that are difficult for anyone trying to use your computer without your consent to guess.
PIN authentication simplifies the sign-in process since you don’t have to remember complex passwords. So, if you’re interested to learn more about how to enable or disable PIN History on Windows 10, this post is for you. You’ll also learn how to enable PIN expiration if you’re using Windows 10 Pro.
Why use a PIN instead of a password?
- Unlike a password, which you can use to sign in to your Microsoft account from any device, a PIN can only be used locally. That is, it can only be used on the device that was used to create it.
- A PIN is stored locally on your computer, which means that it doesn’t need to be broadcasted to Microsoft’s servers for verification like when using a password on a device that’s online.
- If you use a PIN, you don’t have to type in your Microsoft account password every time you unlock your device. This way, if someone steals your device, they’d have to steal the PIN too, which can be a bit tricky!
That said, some feel like using a few digits may not be safe enough. Thankfully, Windows 10 includes a feature that allows you to add complex requirements to a PIN, such as special characters, uppercase/lowercase letters, and minimum/maximum length. More on that in a minute. First, let’s see how to enable or disable PIN History on your Windows 10 device.
How to allow PIN History on Windows 10
Windows 10 can store between 1 and 50 PINs associated with your user account. The PIN History feature ensures the safety of your PC since the system won’t allow you to reuse PINs continually.
Method 1: Using Registry Editor
- Press the Windows Key and S combination, and type in regedit.
- Right-click “Registry Editor”, and then click on “Run as administrator”.
- Navigate to the following path or simply paste the path on the Registry Editor search box: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\PassportForWork\PINComplexity.
Useful tip: If you do not see the PassportForWork key, you can easily create one. Right-click the “Microsoft” key, and click on New > Key. Name the folder PassportForWork, and hit “Enter”. Next, you’ll need to create the PINComplexity key. To do so, right-click the PassportForWork key that you just created and select New > Key. Name the key PINComplexity and hit “Enter”.
- To enable PIN History, create a new 32-bit DWORD value. To do so, select the PINComplexity key and then right-click on an empty area on the right pane. Next, select New > DWORD (32-bit) Value. Name the folder History, and press “Enter”.
- Double-click the “History” DWORD, and select “Decimal”.
- Enter a value between 1 and 50 in the “Value data:” box.
- Restart your device to apply the changes.
To disable PIN History:
- Open the same path as above: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\PassportForWork\PINComplexity.
- Right-click the “History” DWORD and select “Delete”.
- Click “Yes” and exit the Registry Editor.
- Restart your PC.
Method 2: Using Local Group Policy Editor
- Press the Win + R shortcut and type in gpedit.msc.
- Press “Enter” or click “OK”.
- Go to this path: Computer Configuration\Administrative Templates\System\PIN Complexity.
- Locate “History” and double-click it.
- To enable PIN History, select “Enabled” and enter a number between 0 and 50 to specify the number of previous PINs that can be stored in history.
- To disable PIN History, select “Not Configured” and click “OK”.
How to enable PIN Complexity on Windows 10
Like we mentioned earlier, Microsoft wants to ensure the safety of your account. For this reason, Windows allows you to set certain requirements that your PIN should fulfil when setting up a new one. Below, we’ll show you how to enable and disable Windows 10 Pro PIN Complexity rules. As you’ll soon find out, the process is simple and straightforward.
Method 1: Using Local Group Policy Editor
- Press the Win + R shortcut, type gpedit.msc, and hit “Enter”.
- In the “Local Group Policy Editor” window, follow this path: Computer Configuration > Administrative Templates > System > PIN Complexity. If you can’t find PIN Complexity, try this path: Computer Configuration > Administrative Templates > Windows Components > Windows Hello for Business > PIN Complexity.
- On the right pane, you’ll notice eight different policies that you can apply to customize PIN Complexity. Here’s what each policy signifies:
- Require Digits: You must include at least one digit in your PIN.
- Require Lowercase Letters: You must use at least one lowercase letter in your PIN.
- Minimum PIN Length: Enabling this policy lets you set a minimum number of characters for your PIN.
- Maximum PIN Length: If you enable this policy, you’ll have to set the maximum number of characters required to create a PIN.
- Expiration: This policy allows you to determine the number of days before the PIN you created expires, consequently forcing you to create a new one.
- History: Enabling this policy prevents you from reusing PINs that you previously created. Windows 10 stores up to 50 history PINs.
- Require special characters: The PIN you create must include at least one of the special characters specified.
- Require Uppercase Letters: You must create a PIN that contains at least one uppercase letter.
Useful tip: You should know that changing PIN Complexity won’t affect the current PIN but new PINs that you create.
- You can enable each policy individually. To do so, double-click on the policy that you wish to change and select “Enabled”.
- Restart Windows to apply the changes.
- Now, the next time you try to set up a new PIN, you’ll see the “PIN Requirements” link.
Method 2: Using Registry Editor
This method won’t work if you’re using Windows 10 Home Edition.
- Press the Win + R keyboard shortcut, and type regedit in the “Run” box.
- Click “OK” or press “Enter”.
- In the “Registry Editor” window, navigate to this path:
Important tip: If you can’t find the PINComplexity key, create one using the steps described above under the “How to allow PIN History in Windows 10” section. You’ll then proceed to create separate DWORD values for each policy, just like in Group Policy Editor. For instance, if you want to create the Require Digits policy, select the PINComplexity key, right-click anywhere on the right pane and click on New > DWORD (32-bit) Value. Name the key “Require Digits”.
Next, double-click the “Require Digits” policy and set “Value Data:” as “1” (one). Click “OK” to save the changes. Repeat the same process to create all the eight policies as mentioned in the Local Group Policy Editor section above or simply create the policies that you wish to enforce.
How to enable PIN Expiration in Windows 10
PIN Expiration is a feature that forces you to change your PIN after a specific number of days. This feature provides additional security for your device. After the expiration period, you can’t log in to your PC. You’ll not be blocked from your account, but you’ll be required to enter the old password so that you can set up a new one.
Employ one of the methods below to enable or disable PIN Expiration on your Windows 10 device.
Method 1: Using Local Group Policy Editor
- Press the Windows Key, type in gpedit.msc, and press “Enter”.
- Open the path: Computer Configuration > Administrative Templates > Windows Components > Windows Hello for Business > PIN Complexity.
- Double-click “Expiration”, and select “Enabled”.
- Enter a number between 1 and 730 to specify the number of days after which the PIN will expire.
- Click “OK” and then “Apply”.
- To disable PIN Expiration, simply click on the “Disabled” radio button and click “OK”.
Method 2: Using Registry Editor
- Press the Windows Key and R combination to launch the “Run” dialog box.
- Input regedit, and press “Enter” or click “OK”.
- Open the following path:
- On the right pane, double-click on the “Expiration” DWORD to modify it. If that key doesn’t exist on your machine, you’ll have to create one. Right-click PINComplexity, select New > DWORD (32-bit) Value, and name the new DWORD “Expiration”.
- To enable PIN Expiration, select the “Decimal” radio button and input a number between 1 and 730 in the “Value data:” box.
- To disable PIN Expiration, right-click the “Expiration” DWORD and select “Delete”.
- Exit the Registry Editor.
On a final note, adding complexity will unmistakably make it more difficult to crack a PIN. While it may seem like there is no difference between a PIN and a password, especially after adding the complexity rules, it’s the mechanisms behind how they work that make all the difference.
Nevertheless, a PIN doesn’t protect your data while online. As a result, your computer may still be vulnerable to relentless attacks from cybercriminals.
To take control of your online activities and keep attackers away, we recommend using Auslogics Anti-Malware. It’s a top-notch security tool that checks every part of your system, including the registry, browser extensions, files, folders, and even apps, for malicious items. The program then ensures that all suspicious items are quarantined to prevent them from damaging your system.
The anti-malware software also allows you to schedule automatic scans, providing full-time protection to your computer. Don’t be a victim of cyberattacks. Protect your online identity and prevent data leaks by installing Auslogics Anti-Malware.
What’s your take on using a PIN instead of a password on your Windows 10 device? Let us know in the comments below.