In this registry workshop, learn how to enable PIN expiration in Windows 10. With this, you can force users to change their PIN in 1 to 730 days range.

Earlier, we’ve shared you following article which talks about configuring password expiration:

How to configure password expiration in Windows 10

Now, in this article we’ll see how to configure PIN expiration. Basically, PIN expiration is part of PIN complexity. However, in some of earlier Windows 10 versions, PIN expiration wasn’t available. But Microsoft added the PIN expiration to complexity in newer version. The advantage of this is that you can set number of days in which PIN expires or users should change it. When PIN expiration is configured, and if PIN is expired, users will see Your organization requires that you change your PIN message.

How To Configure PIN Expiration In Windows 10

PIN expiration in Windows 10 is disabled by default. You can enable it using below mentioned steps.

How To Enable PIN Expiration In Windows 10

Registry Disclaimer: The further steps will involve registry manipulation. Making mistakes while manipulating registry could affect your system adversely. So be careful while editing registry entries and create a System Restore point first.

1. Press W8K + R and type regedit in Run dialog box to open Registry Editor (if you’re not familiar with Registry Editor, then click here). Click OK.

Windows 10 Registry Editor

2. In left pane of Registry Editor window, navigate to following registry key:


How To Configure PIN Expiration In Windows 10

3. Right click Microsoft registry key, select New > Key. Name the newly created sub-key as PassportForWork. Similarly create PINComplexity registry sub-key next to Microsoft registry key. If these registry keys already exists, skip creation of new keys. Now in the right pane of PINComplexity registry key (HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\PassportForWork\PINComplexity), right click and select New > DWORD Value. Name the newly created registry (REG_DWORD) as Expiration. Double click on the string to modify its Value data:

How To Configure PIN Expiration In Windows 10

4. Set the Decimal base first and then type any Value data between 1 to 730 which would be number of days after which PIN will be expired. In this example, we put 60 as Value data, so the PIN will expire within 60 days. Click OK, close Registry Editor and reboot to make changes effective.

Group Policy Setting: If you want to enable PIN expiration on multiple machines in your organization/workplace, you can deploy the relevant GPO setting. Configure Expiration policy setting at Computer configuration > Administrative templates > System > PIN Complexity to Enabled. You can then set number of days between 1 to 730 in Options.

That’s it!

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Comments

  • Kapil Arya : ^^ Is your system part of domain?...

    33 mins ago

  • John Wayner : I have a unique problem with this error. I am able to input my pass...

    14 hours ago

  • Kapil Arya : ^^ You need to install generic Bluetooth device available on your syst...

    21 hours ago

  • Miki : HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogo...

    1 day ago