This policy setting allows you to configure whether or not enhanced startup PINs are used with BitLocker.
Enhanced startup PINs permit the use of characters including uppercase and lowercase letters, symbols, numbers, and spaces. This policy setting is applied when you turn on BitLocker.
If you enable this policy setting, all new BitLocker startup PINs set will be enhanced PINs.
Note: Not all computers may support enhanced PINs in the pre-boot environment. It is strongly recommended that the administrator evaluate if their systems are compatible with this feature prior to enabling its use.
Select the "Require ASCII-only PINs" check box to help make enhanced PINs more compatible with computers that limit the type or number of characters that can be entered in the pre-boot environment.
If you disable or do not configure this policy setting, enhanced PINs will not be used.
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Microsoft\FVE |
Value Name | UseEnhancedPin |
Value Type | REG_DWORD |
Enabled Value | 1 |
Disabled Value | 0 |
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | SOFTWARE\Policies\Microsoft\FVE\MDOPBitLockerManagement |
Value Name | OSEnhancedPINASCIIOnly |
Value Type | REG_DWORD |
Default Value | 1 |
True Value | 1 |
False Value | 0 |