In this article, learn how to configure minimum PIN length for startup, if you've enabled BitLocker on operating system volume with TPM installed machine.

We all know that BitLocker can be enabled on operating system drive as mentioned in this guide. If your system has TPM installed, you can setup startup PIN to unlock OS drive, as your system starts. In case, if you don’t have TPM installed, you can allow BitLocker without compatible TPM and using traditional password.

Okay, so when you enable BitLocker on a system with TPM installed, you’ll configure a startup PIN. In this article, we’ll see how to setup minimum length for this startup PIN.   Please do not get confuse with PIN complexity, which is a different thing for Windows 10. It is basically used in organizations and is intended only for Windows 10 PIN, not the BitLocker startup PIN.

You can configure this minimum PIN length using simple registry manipulation as mentioned below.

How To Configure Minimum PIN Length For Startup In Windows 10

Registry Disclaimer: The further steps will involve registry manipulation. Making mistakes while manipulating registry could affect your system adversely. So be careful while editing registry entries and create a System Restore point first.

1. Press W8K + R and type regedit in Run dialog box to open Registry Editor (if you’re not familiar with Registry Editor, then click here). Click OK.

Windows 10 Registry Editor

2. In left pane of Registry Editor window, navigate to following registry key:

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft

How To Configure Minimum PIN Length For Startup In Windows 10

3. Right click Microsoft registry key, select New > Key. Name the newly created sub-key as FVE. Now in the right pane of FVE registry key (HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE), right click and select New > DWORD Value. Name the newly created registry DWORD (REG_DWORD) as MinimumPIN. Double click on the DWORD to modify its Value data:

How To Configure Minimum PIN Length For Startup In Windows 10

4. The default Value data for this DWORD is 6, which means the minimum length of startup PIN should be 6. You can set the Value data from 6 to 20 on Decimal base depending upon your requirement. Click OK. Close Registry Editor and reboot to make changes effective.

Group Policy Setting: If you want to configure minimum PIN length for startup on multiple machines in your organization/workplace, you can deploy the relevant GPO setting. Set Configure minimum PIN length for startup setting at Computer configuration > Administrative templates > Windows Components BitLocker Drive Encryption > Operating System Drives to Enabled and then set the minimum value between 6 to 20.

That’s it!

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Comments

  • Martyn : Many thanks for this, it worked like a charm. (After trying the soluti...

    8 hours ago

  • Kapil Arya : ^^ Run Network Adapter troubleshooter: https://www.kapilarya.com/how-t...

    9 hours ago

  • Diva : Google is not working in any browser in windows 10...it is updated.......

    13 hours ago

  • Kapil Arya : ^^ juan, you need to go your device manufacturer's website and downloa...

    16 hours ago