Allow enhanced PINs for startup

This policy setting allows you to configure whether or not enhanced startup PINs are used with BitLocker.

Enhanced startup PINs permit the use of characters including uppercase and lowercase letters, symbols, numbers, and spaces. This policy setting is applied when you turn on BitLocker.

If you enable this policy setting, all new BitLocker startup PINs set will be enhanced PINs.

Note: Not all computers may support enhanced PINs in the pre-boot environment. It is strongly recommended that the administrator evaluate if their systems are compatible with this feature prior to enabling its use.

Select the "Require ASCII-only PINs" check box to help make enhanced PINs more compatible with computers that limit the type or number of characters that can be entered in the pre-boot environment.

If you disable or do not configure this policy setting, enhanced PINs will not be used.

Supported on: At least Windows 7

Registry PathSoftware\Policies\Microsoft\FVE
Value NameUseEnhancedPin
Enabled Value1
Disabled Value0

Require ASCII-only PINs
Registry PathSOFTWARE\Policies\Microsoft\FVE\MDOPBitLockerManagement
Value NameOSEnhancedPINASCIIOnly
Default Value1
True Value1
False Value0


Administrative Templates (Computers)

Administrative Templates (Users)