mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-10 19:47:22 +00:00
1.1 KiB
1.1 KiB
author, ms.author, ms.date, ms.topic
author | ms.author | ms.date | ms.topic |
---|---|---|---|
paolomatarazzo | paoloma | 09/24/2023 | include |
Configure minimum PIN length for startup
This policy configures a minimum length for a Trusted Platform Module (TPM) startup PIN. The startup PIN must have a minimum length of 4 digits and can have a maximum length of 20 digits. If you enable this policy setting, you can require a minimum number of digits to be used when setting the startup PIN. If you disable or do not configure this policy setting, users can configure a startup PIN of any length between 6 and 20 digits.
NOTE: If minimum PIN length is set below 6 digits, Windows will attempt to update the TPM 2.0 lockout period to be greater than the default when a PIN is changed. If successful, Windows will only reset the TPM lockout period back to default if the TPM is reset.
Path | |
---|---|
CSP | ./Device/Vendor/MSFT/BitLocker/ SystemDrivesMinimumPINLength |
GPO | Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating Sytem Drives |