Home » Computers » Enterprise Computing » Enable Windows PIN Sign-In

Enable Windows PIN Sign-In

If a Windows 8.x/10 computer is joined to an Active Directory domain then the User Account “PIN sign-in” option is disabled (not Configured) by default. You can set it in either a domain or local Group Policy Object (GPO). It can also enabled on a local computer via a registry key setting.

For Local Group Policy run [Win+R] gpedit.msc and under Local Computer Policy expand the tree to:
Computer Configuration\Administrative Templates\System\Logon
Change the Turn on convenience PIN sign-in setting to Enabled.

Local GPO

Local GPO
Fig. #1: Local Group Policy Editor

Registry Edit
You can also change this setting in the local registry. Enable PIN sign-in by creating the REG_DWORD value AllowDomainPINLogon under the HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System Registry key and setting it to 1.

Domain GPO
If you want to change this setting in a domain GPO it is nearly the same path & name as the local GPO. Domain path:
Computer Configuration\Policies\Administrative Templates\System\Logon
Change the Turn on PIN sign-in setting to Enabled.

Group Policy Management Editor
Fig. #2: Group Policy Management Editor