While setting up anew Windows 10 OS, it’s mandatory to create a Hello PIN as well. You may discontinue using the same after the first login to your computer. Several users have reported experiencing different Windows Hello Error codes while re-creating the pin on their devices. Well, in this guide, we discuss all such known issues that occur from time to time along with doable workarounds.
When one encounters a hello pin error, it accompanies a bugcheck value like – 0x801c004d, 0x90280013, etc. The error message reads – “Something went wrong, and we couldn’t set up your PIN”. Each such issue is unique in nature and requires separate solutions like – Sign-out/Sign-in, Reboot PC, Unjoin/Rejoin Azure AD, etc. Let’s explore these fixes in detail –
How to Fix Windows Hello Error while creating a PIN
To solve the Windows Hello PIN error on your computer, use the below workarounds –
1. Reboot your PC
Many a time, Windows Hello Errors occur due to system glitches, so you can solve them by restarting your device. Here is the list of such Windows PIN errors that you can fix by a simple PC reboot –
- 0x801C000F – The system requires a reboot.
- 0x80090031 – If the system reboot doesn’t solve the issue, see solution #4.
2. Sign Out then Re-login to your Microsoft Account
There are a few Windows hello error codes that get solved by signing-out then re-logging into your Microsoft account. Here is the complete list –
|0x801C0010||The AIK certificate is not valid or trusted.|
|0x801C0011||The attestation statement of the transport key is invalid.|
|0x801C0012||The Discovery request is not in a valid format.|
|0x801C03E9||The server response message is invalid|
|0x801C03EB||Server response HTTP status is not valid|
|0x801C03EC||Unhandled exception from server.|
|0x801C03EF||The AIK certificate is no longer valid.|
|0x801C044E||Failed to receive user credentials input.|
3. Unjoin the device from Azure AD then rejoin
If you have connected your device with an Azure AD, you may encounter hello pin errors from time to time. To solve such issues, you should disable/remove the azure account on your computer and restart your PC. After the next login, you may rejoin the azure account (stopped earlier). To unjoin your system from Azure AD, browse to the following location, and select Disconnect from the organization.
Settings > System > About
Doing this indeed fixes several Windows hello errors which are as follows –
|PIN Error Codes||Causes|
|0x801C044D||Authorization token does not contain a device ID.|
|0x8009000F||The container or key already exists.|
|0x80090011||The container or key was not found.|
Note: There are a few Windows hello error codes that occur due to multiple reasons. They are as follows –
1. 0x801C03ED: This error appears due to any one of the following reasons –
- The server receives an invalid request.
- Failed to read one or more objects.
- Missing Token inside the Authorization header.
- “ProvisionKey” requires multi-factor authentication, however, none performed.
Sol – Sign out of your Microsoft account then re-login. If the error persists even after this, unjoin the device from Azure Active Directory (Azure AD) and rejoin.
2. 0x801C03EA: This occurs when the server fails to authenticate either user or device. To solve this, check whether you own a valid token or the user has permission to register for Windows Hello for Business keys.
3. 0x801C0015: You must be having a new computer and haven’t yet joined an active azure AD. Just join the domain directory and you are good to create Windows Hello PIN.
4. 0x801C000E: One may encounter this error only when there reaches an upper limit of registration quota. To fix this, either unjoin a few existing azure accounts or increase the number of devices per user.
4. TPM Issues while creating a PIN
A few windows hello error occurs when the TPM setup is either outdated or not complete. You can solve such hello pin errors simply by clearing the TPM security processor firmware. Here is the list of hello error codes that occur due to TPM issues –
- 0x80090029 – This occurs when the TPM setup is not complete on Windows 10 PC.
- 0x80090031 – This displays an error message that reads – “NTE_AUTHENTICATION_IGNORED”.
- 0x80090035 – If the Business policy of an organization makes TPM mandatory, however, you don’t have this program on your computer.
Note: In most of the above cases, a simple sign-out and sign back in will resolve the issue. However, if not, you must reset the TPM or run clear-TPM using the PowerShell.
How to Clear TPM on your device
To clear TPM on your Windows 10 Machine, use the below steps –
- Navigate to the following path –
Settings (Win+I) > Update & Security > Windows Security
- Head over to the right pane, scroll down and click on Device Security.
- When Windows Security launches, select Security processor details under the Security Processor section.
- Next, click Security processor troubleshooting thereafter clear TPM.
That’s it, this will reset your security processor to its default settings. Just make sure to Reboot your PC after successfully completing the above steps.
Note: Alternatively, you can use PowerShell to perform the above task –
- Make a right-click on Win icon and select Windows PowerShell (Admin).
- On its blue screen, copy/paste the below code and hit Enter.
The above command line will reset the Trusted Platform Module to its default state. Additionally, this will also remove the owner authorization value and any keys stored inside the TPM.
5. Configuration Issues
If the federation provider configuration is set to empty, this may also lead to Windows Hello PIN errors. If that’s the case, all you need is to go to client configuration webpage and take the below actions –
- 0x801C0016 – The file shouldn’t remain empty.
- 0x801C0018 – The clientconfig element must contain a valid URL.
6. Other Hello PIN Errors
There are a few hello PIN errors that we can’t categorize as they appear due to different reasons. Below, we discuss such bugs along with their proper solutions –
1. x801C0003: User is not authorized to enroll
Since the user is denied access to enroll, check whether the user actually owns the permission or not. If yes, contact the IT admin to complete the set-up process.
2. 0x8009002A: NTE_NO_MEMORY
The bug appears owing to a shortage of memory. To fix this, either close any/all large applications running in the background or increase the overall RAM.
3. 0x80090036: User canceled an interactive dialog
Just try to re-run the setup and the error will fade away.
4. 0x8009002d: There’s some system glitch, skip for now and try again in a few minutes.
7. Contact Microsoft Support Team
There are a few Windows hello error codes to which Microsoft hasn’t yet provided any exact solution. If you ever encounter such issues, it’s better to contact the support team for a fix. Here’s is the complete list of such PIN errors –
|Hello Error Codes||Reasons|
|0x80070057||An invalid parameter or argument is passed.|
|0x80090027||The caller provided the wrong parameter. If third-party code receives this error, they must change their code.|
|0x801C0001||ADRS server response is not in a valid format.|
|0x801C0002||The server failed to authenticate the user.|
|0x801C0006||Unhandled exception from server.|
|0x801C000B||Redirection is needed and redirected location is not a well-known server.|
|0x801C0013||The tenant ID is not found in the token.|
|0x801C0014||User SID is not found in the token.|
|0x801C0019||The federation provider-client configuration is empty.|
|0x801C001A||The DRS endpoint in the federation provider-client configuration is empty.|
|0x801C001B||The device certificate is not found.|
|0x801C03F0||There is no key registered for the user.|
|0x801C03F1||There is no UPN in the token.|
|0x801C044C||There is no core window for the current thread.|
That’s it, we hope this article helps to troubleshoot different Hello Errors that occur from time to time while setting a PIN to your Windows 10 device. If you have any queries related to this article, drop a message in the below comment box.