PIN expiration specifies the period of time that a PIN can be used before the system requires the user to change it. This guide will show 2 ways to enable or disable a PIN expiration requirement for users in Windows 10.
This option is only available in the Windows 10 Pro, Enterprise, and Education editions.
Step 1: Open the Local Group Policy Editor.
Step 2: In the left pane of Local Group Policy Editor, navigate to the location below:
Computer Configuration\Administrative Templates\Windows Components\Windows Hello for Business\PIN Complexity
In the right pane of PIN Complexity, double-click on the Expiration policy to edit it.
Step 3: To enable PIN expiration: select Enabled option. Then enter a number between 1 and 730 days for when to expire after.
Step 4: Or you can set PIN never expire by selecting Disable or Not Configured.
Step 5: When finished, close the Local Group Policy Editor. Restart computer.
To enable or disable PIN expiration, you can modify the Expiration DWORD value in the registry key. This option is available for all editions of Windows 10.
Step 1: Open the Registry Editor.
Press Win + R keys to bring out Run dialog box. Type in regedit, then press Enter.
Step 2: When the Registry Editor opens, head to the following path:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\PassportForWork\PINComplexity
In the right pane of PINComplexity, double-click on the Expiration DWORD to modify it.
Step 3: To enable PIN expiration: Select Decimal, enter a number between 1 and 730 days for when to expire after, click on OK.
Step 4: To disable PIN expiration: you can delete the Expiration DWORD.
Step 5: When finished, close Registry Editor.