PIN Sign-in disabled when System is joined to Domain

The PIN sign-in introduced in Windows 8 helps us to log-in to system using a easy to remember 4 digit number. PIN sign-in is bit handy as compared to password and Picture password options. However, one disadvantage of PIN sign-in, is that it doesn’t works when your system is in Safe Mode.

PIN Sign-in is disabled when system is joined to Domain

If you are running a Windows 8 or later running system that is joined to domain, you may not able to create or logon using PIN. When you visit the PC Settings -> Users and accounts -> Sign-in options section to create the PIN, you may find that the option to create is grayed out i.e. disabled.

PIN Sign-in is disabled when system is joined to Domain

As you can see from the image shown above, there is no error or message displayed for the option disabled there. If your PIN Sign-in disabled & grayed out when Windows is joined to a domain, turn on & enable PIN sign-in for Domain users by following this tutorial.

Turn on & enable PIN sign-in for Domain users

This method only In Windows 8 or later; Pro & Enterprise Editions.

1. Press Windows Key + R combination, type put gpedit.msc in Run dialog box and hit Enter to open the Local Group Policy Editor.

Prevent Store Apps From Pinning To Start Screen When Installed Prevent Users From Resetting Internet Explorer Settings

2. In the left pane of Local Group Policy Editor, navigate here:

Computer Configuration -> Administrative Templates -> System -> Logon -> Turn on pin sign-in

Turn on & enable PIN sign-in for Domain users

3. In the right pane of above shown window, look for the setting named Turn on PIN sign-in which must be Not Configured by default. Double click on the same setting to get this:

PIN-Sign-in Disabled-2

4. Finally, in the above shown window, click Enabled and then click Apply followed by OK. You can now close the Local Group Policy Editor window and reboot the machine. After restarting the system, you should be able to use create and use PIN sign-in.

Hope this helps, Good luck!

Posted by on , in Category Windows with Tags
An Electrical Engineer by profession, Kapil is a Microsoft MVP and a Microsoft Content Creator. Please read the entire post & the comments first & create a system restore point before making any changes to your system.


  1. Bill B.

    Nope, it didn’t fix it. I change the group policy on the server/dc and changed it in WIndows 10, but the pin sign-in still doesn’t work.

  2. Work-sheeP

    @Bill B.: This group policy is only for Win8. for win10 use the group policy “Microsoft Passport for Work” (under Computer Configuration -> Administrative Templates -> Windows components => Microsoft Passport für Work”)

  3. Mad Tom Vane

    Yeah, that didn’t work. The PassPort thing didn’t work either.

    I believe I found what you need to set.
    Disabling the Windows Passport and disabling the Turn on convenience PIN sign-in policy didn’t stop the use of a PIN on Windows 10; you need to use Exclude credential providers.

    Under Computer ConfigurationAdministrative TemplatesSystemLogon you need to add CLSIDs of credential providers to the Exclude credential providers policy. The CLSID for PINLogonProvider is {cb82ea12-9f71-446d-89e1-8d0924e1256e}.

  4. IanHead

    Worked beautifully for me. I do assume you need to be a member of the local admin group for this to work, though. And if you want to save yourself a reboot, you can open up command prompt and type “gpupdate /force” instead of restarting the machine

  5. Rainabba

    To clarify, this is to DISABLE pin sign-on, not enable it (which is what this article is addressing) right?

  6. Well this does not work, if your Win 10 is joined to a AD domain starting with the latest update the PIN/Biometric will no longer work. I found these policy settings on the local PC but it won’t work because of the domain. Problem is that my domain is based on 2008 R2 and those properties are not in the GPO editor. So I guess I will have to update my DCs to 2012 at least… sigh!

  7. Simone Vismara

    Hi, thanks for the instructions. Perfectly done in a couple of minutes on Windows 10 Pro

  8. Kurt B

    Doesn’t work for me

  9. Nir Shiloni

    Great simple solution !

  10. Kurtis

    Worked well for me on Win 10 with a Server 2012 R2 DC and the latest Win 10 ADMX (1709)

Leave a Reply

Your email address will not be published. Required fields are marked *

6 + 7 =