New-CMEnhancedPIN
Create a policy to configure whether BitLocker can use enhanced startup PINs.
Syntax
Default (Default)
New-CMEnhancedPIN
[-PolicyState <State>]
[-RequireAsciiOnlyPin]
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[<CommonParameters>]
Description
Create a policy to configure whether BitLocker can use enhanced startup PINs. Enhanced startup PINs permit the use of characters including uppercase and lowercase letters, symbols, numbers, and spaces. This policy setting is applied when you turn on BitLocker.
Not all computers support enhanced PINs in the pre-boot environment. Before you enable this policy, evaluate if your devices are compatible with it. Use the -RequireAsciiOnlyPin parameter to help make enhanced PINs more compatible with computers that limit the type or number of characters that you can enter in the pre-boot environment.
Examples
Example 1: New default enabled policy
This example creates a policy that's enabled to allow enhanced PINs for startup.
New-CMEnhancedPIN -PolicyState Enabled
Example 2: New enabled policy with ASCII-only PIN
This example creates a policy that's enabled but restricts PINs to the ASCII character set.
New-CMEnhancedPIN -PolicyState Enabled -RequireAsciiOnlyPin
Parameters
-DisableWildcardHandling
This parameter treats wildcard characters as literal character values. You can't combine it with ForceWildcardHandling.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ForceWildcardHandling
This parameter processes wildcard characters and may lead to unexpected behavior (not recommended). You can't combine it with DisableWildcardHandling.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-PolicyState
Use this parameter to configure the policy.
Enabled: If you enable this policy, all new BitLocker startup PINs will be enhanced PINs.DisabledorNotConfigured: If you disable or don't configure this policy, BitLocker won't use enhanced PINs.
Parameter properties
| Type: | State |
| Default value: | None |
| Accepted values: | Enabled, Disabled, NotConfigured |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-RequireAsciiOnlyPin
Use this parameter to help make enhanced PINs more compatible with computers that limit the type or number of characters that you can enter in the pre-boot environment.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.