List of PIN Error Codes on Windows 11 with solutions

During Windows Hello setup in Windows 11 or Windows 10, it’s compulsory to create a PIN as well. The PIN ensures you can still log in if Hello fails. It is common to get Windows PIN error while setting up Hello. This guide will discuss those errors and how to resolve them.

List of PIN Error Codes on Windows 11/10

One of the error messages is – Something went wrong, and we couldn’t set up your PIN, Error 0x80070032.

Just before we dive deep into error codes, there are a few things you should do that can fix most problems. It includes trying to create a PIN again, signing in/out, and rebooting the device.

1] Sign out and then sign in again

Here is the list of error codes that can be resolved by signing out and signing back in with the same account. These error codes are transient.

• • 0x801C044E: Failed to receive user creds input
  • 0x801C03EF: The AIK certificate is no longer valid
  • 0x801C03EE: Attestation failed
  • 0x801C03EC: Unhandled exception from server
  • 0x801C03EB: Server response HTTP status is not valid
  • 0x801C03E9: Server response message is invalid
  • 0x801C0010: The AIK certificate is not valid or trusted
  • 0x801C0011: The attestation statement of the transport key is invalid
  • 0x801C0012: Discovery request is not in a correct format

2] Unjoin the device from Azure AD and rejoin

All Windows PIN errors related to the Active Directory have a straightforward solution. Unjoin the machine, then rejoin. Then one can try to create the PIN again. To unjoin a computer, go to Settings > System > About and select Disconnect from the organization.

Below is a list of Windows PIN error codes, with an explanation of the issue each one represents. Since this is an Azure AD issue, the solution is the same as above for all the error codes.

0x801C03ED: There are multiple reasons for this. It can be because of-

• Multi-factor authentication is required for a ‘ProvisionKey’ operation but was not performed
• Token was not found in the Authorization header
• Failed to read one or more objects
• or the request sent to the server was invalid.

0x801C03EA: It happens when the server fails to authorize the user or device. Please ask the IT admin to check if the token issued by the AD server is valid and the user has permission to register Windows Hello for Business keys.

0x801C0015: If the device is new, then it is required to be joined to an Active Directory domain. Join the computer to an Active Directory domain, and try again.

0x801C000E: The fix for this is available with the admin who manages computer in the organization.  The error code means that the number of machines that can join Azure AD is at the maximum count. The administrator needs to remove another device from the directory, either add the same machine again or increase the maximum number of devices per user.

0x80090005: The error message “NTE_BAD_DATA” means that there is a certificate issue, and you need to unjoin the device from Azure AD and rejoin.

0x80090011: The error message would say, “The container or key was not found.”  Make sure to unjoin and join Azure AD.

0x8009000F: The error message would say, “The container or key already exists.” Unjoin and join the device from Azure AD.

0x801C044D:  When a device tries to join AD, the authorization code should also contain the device ID. It acts as an identifier. If that is missing, you need to unjoin the device from Azure AD and rejoin.

Read: Windows Hello errors 0x801c004d or 0x80070490.

3] TPM Issues on Windows PIN Error

0x80090029: The error occurs when the TPM  Setup is not complete on the machine.

• Sign on with an administrator account on the device
• In the Start, type “tpm.msc.” It will reveal the Microsoft Common Console Document.
• Click on the Actions file menu, and select Prepare the TPM.

0x80090031: The error displays “NTE_AUTHENTICATION_IGNORED.” To resolve, reboot the machine, and if the error still occurs, reset the TPM or run Clear-TPM.

0x80090035: This occurs when the Business policy of an organization makes TPM mandatory. However, when the device does not have TPM, the only option is to disable the TPM restriction and join the AD.

Read: You’ve entered an incorrect PIN too many times in Windows 11

4] Configuration Issues

0x801C0016: The federation provider configuration is empty. Go here and verify that the file is not empty.

0x801C0017: The federation provider domain is empty. Go here and verify that the FPDOMAINNAME element is not empty.

0x801C0018: The federation provider client configuration URL is empty. Go here and verify that the clientconfig element contains a valid URL.

Read: PIN not working on Windows 11 and will not let me sign in

5] Other Windows PIN Errors

0x801C044D: Unable to obtain the user token

First, sign out and then sign in again. After this check network and credentials.

0x801C000F: Operation successful but the device requires a reboot

Simply reboot the device, and then try the Windows Hello setup again.

x801C0003: User is not authorized to enroll

Check if the user has permission to set up Windows Hello for Business. If not, permission must be granted by the IT admin to complete the process.

0x8009002A NTE_NO_MEMORY

The computer is out of memory. Close all large programs, and then rerun the setup.

0x80090036: User canceled an interactive dialog

You have to try the setup process again.

0x8009002d: Something went wrong, skip now, and try again in some time.

Check out how to resolve Windows PIN Error 0x8009002d.

6] Call Microsoft Support for Windows Pin Error

That covered, there are a few errors which can be resolved by only contacting Microsoft Support. Here is the list:

• 0x80072f0c: Unknown
• 0x80070057: Invalid parameter or argument is passed
• 0x80090027: Caller provided the wrong parameter. If third-party code receives this error, they must change their code.
• 0x8009002D: NTE_INTERNAL_ERROR
• 0x80090020: NTE_FAIL
• 0x801C0001: ADRS server response is not in a valid format
• 0x801C0002: Server failed to authenticate the user
• 0x801C0006: Unhandled exception from server
• 0x801C000C: Discovery failed

We hope this guide from Microsoft, to troubleshoot Windows 11/10 PIN error answers all your queries. If there is a different error code on your screen, share it with us in the comments.

Read: Cannot change or modify PIN in Windows 11.