Turn on convenience PIN sign-in

Supported OS tags: Windows10, Windows10RT, Windows11, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2012, WindowsServer2012R2, WindowsServer2016

This policy setting allows you to control whether a domain user can sign in using a convenience PIN. If you enable this policy setting, a domain user can set up and sign in with a convenience PIN. If you disable or don't configure this policy setting, a domain user can't set up and use a convenience PIN. Note: The user's domain password will be cached in the system vault when using this feature. To configure Windows Hello for Business, use the Administrative Template policies under Windows Hello for Business.

This policy has no additional user input fields.

• Computer
  Allow users to select when a password is required when resuming from connected standby

  At least Windows Server 2012, Windows 8 or Windows RT
• Computer
  Always use classic logon

  Windows Server 2003 and versions of Windows from Windows XP Professional through Windows 7.
• Computer
  Always use custom logon background

  Windows Server 2008 R2 and Windows 7
• Computer
  Always wait for the network at computer startup and logon

  At least Windows Server 2003 operating systems or Windows XP Professional
• Computer
  Assign a default credential provider

  At least Windows Server 2016, Windows 10
• Computer
  Assign a default domain for logon

  At least Windows Vista
• Computer
  Block user from showing account details on sign-in

  At least Windows Server 2016, Windows 10
• Computer
  Do not display network selection UI

  At least Windows Server 2012, Windows 8 or Windows RT
• Computer
  Do not display the Getting Started welcome screen at logon

  Windows 2000 only
• Computer
  Do not enumerate connected users on domain-joined computers

  At least Windows Server 2012, Windows 8 or Windows RT
• User
  Do not process the legacy run list

  At least Windows 2000
• Computer
  Do not process the legacy run list

  At least Windows 2000