deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 05:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/security/identity-protection/hello-for-business/includes/expiration.md
Paolo Matarazzo 3607d17bf7 update
2025-04-28 07:01:54 -04:00

1.3 KiB
Raw Blame History

author, ms.author, ms.date, ms.topic
author ms.author ms.date ms.topic
paolomatarazzo paoloma 03/12/2024 include

Expiration

This setting specifies the period of time (in days) that a PIN can be used before the system requires the user to change it. The PIN can be set to expire after any number of days between 1 and 730, or PINs can be set to never expire if the policy is set to 0.

The default value is 0.

Path
CSP ./Device/Vendor/MSFT/PassportForWork/{TenantId}/Policies/PINComplexity/devicetenantidpoliciespincomplexityexpiration

./User/Vendor/MSFT/PassportForWork/{TenantId}/Policies/PINComplexity/usertenantidpoliciespincomplexityexpiration
GPO Computer Configuration > Administrative Templates > System > PIN Complexity

Important

PIN expiration is not supported on:

  • Devices with Enhanced Security Settings (ESS) enabled, since Windows Hello uses Virtualization-based Security (VBS) to isolate credentials.
  • Starting with Windows 11, version 24H2, on all devices that have VBS enabled.