Fix Windows Hello Error while creating PIN on Windows 10

While setting up anew Windows 10 OS, it’s mandatory to create a Hello PIN as well. You may discontinue using the same after the first login to your computer. Several users have reported experiencing different Windows Hello Error codes while re-creating the pin on their devices. Well, in this guide, we discuss all such known issues that occur from time to time along with doable workarounds. 

When one encounters a hello pin error, it accompanies a bugcheck value like – 0x801c004d, 0x90280013, etc. The error message reads – “Something went wrong, and we couldn’t set up your PIN”. Each such issue is unique in nature and requires separate solutions like – Sign-out/Sign-in, Reboot PC, Unjoin/Rejoin Azure AD, etc. Let’s explore these fixes in detail –

Windows Hello Error

Read Also – How to fix Windows Hello error 0x801c004d in Windows 10

How to Fix Windows Hello Error while creating a PIN 

To solve the Windows Hello PIN error on your computer, use the below workarounds –

1. Reboot your PC

Many a time, Windows Hello Errors occur due to system glitches, so you can solve them by restarting your device. Here is the list of such Windows PIN errors that you can fix by a simple PC reboot –

  • 0x801C000F – The system requires a reboot. 
  • 0x80090031 – If the system reboot doesn’t solve the issue, see solution #4.

2. Sign Out then Re-login to your Microsoft Account

There are a few Windows hello error codes that get solved by signing-out then re-logging into your Microsoft account. Here is the complete list –

Error Codes Reasons
0x801C0010 The AIK certificate is not valid or trusted.
0x801C0011 The attestation statement of the transport key is invalid.
0x801C0012 The Discovery request is not in a valid format.
0x801C03E9 The server response message is invalid
0x801C03EB Server response HTTP status is not valid
0x801C03EC Unhandled exception from server.
0x801C03EE Attestation failed.
0x801C03EF The AIK certificate is no longer valid.
0x801C044E Failed to receive user credentials input.

3. Unjoin the device from Azure AD then rejoin 

If you have connected your device with an Azure AD, you may encounter hello pin errors from time to time. To solve such issues, you should disable/remove the azure account on your computer and restart your PC. After the next login, you may rejoin the azure account (stopped earlier). To unjoin your system from Azure AD, browse to the following location, and select Disconnect from the organization.

Settings > System > About

Doing this indeed fixes several Windows hello errors which are as follows –

PIN Error Codes  Causes
0x801C044D Authorization token does not contain a device ID.
0x80090005 NTE_BAD_DATA
0x8009000F The container or key already exists.
0x80090011 The container or key was not found.

Note: There are a few Windows hello error codes that occur due to multiple reasons. They are as follows –

1. 0x801C03ED: This error appears due to any one of the following reasons –

  • The server receives an invalid request.
  • Failed to read one or more objects.
  • Missing Token inside the Authorization header.
  • “ProvisionKey” requires multi-factor authentication, however, none performed. 

Sol – Sign out of your Microsoft account then re-login. If the error persists even after this, unjoin the device from Azure Active Directory (Azure AD) and rejoin.

2. 0x801C03EA: This occurs when the server fails to authenticate either user or device. To solve this, check whether you own a valid token or the user has permission to register for Windows Hello for Business keys.

3. 0x801C0015: You must be having a new computer and haven’t yet joined an active azure AD. Just join the domain directory and you are good to create Windows Hello PIN. 

4. 0x801C000E: One may encounter this error only when there reaches an upper limit of registration quota. To fix this, either unjoin a few existing azure accounts or increase the number of devices per user.

4. TPM Issues while creating a PIN

A few windows hello error occurs when the TPM setup is either outdated or not complete. You can solve such hello pin errors simply by clearing the TPM security processor firmware. Here is the list of hello error codes that occur due to TPM issues –

  1. 0x80090029 – This occurs when the TPM setup is not complete on Windows 10 PC.
  2. 0x80090031 – This displays an error message that reads – “NTE_AUTHENTICATION_IGNORED”.
  3. 0x80090035 – If the Business policy of an organization makes TPM mandatory, however, you don’t have this program on your computer. 

Note: In most of the above cases, a simple sign-out and sign back in will resolve the issue. However, if not, you must reset the TPM or run clear-TPM using the PowerShell. 

How to Clear TPM on your device

To clear TPM on your Windows 10 Machine, use the below steps –

  • Navigate to the following path –
Settings (Win+I) > Update & Security > Windows Security 
  • Head over to the right pane, scroll down and click on Device Security
  • When Windows Security launches, select Security processor details under the Security Processor section.
  • Next, click Security processor troubleshooting thereafter clear TPM.

Fix Windows Hello Error

That’s it, this will reset your security processor to its default settings. Just make sure to Reboot your PC after successfully completing the above steps.

Note: Alternatively, you can use PowerShell to perform the above task –

  • Make a right-click on Win icon and select Windows PowerShell (Admin).
  • On its blue screen, copy/paste the below code and hit Enter.
Clear-Tpm

Clear TPM

The above command line will reset the Trusted Platform Module to its default state. Additionally, this will also remove the owner authorization value and any keys stored inside the TPM.

5. Configuration Issues 

If the federation provider configuration is set to empty, this may also lead to Windows Hello PIN errors. If that’s the case, all you need is to go to client configuration webpage and take the below actions –

  • 0x801C0016 – The file shouldn’t remain empty.
  • 0x801C0018 – The clientconfig element must contain a valid URL.

6. Other Hello PIN Errors

There are a few hello PIN errors that we can’t categorize as they appear due to different reasons. Below, we discuss such bugs along with their proper solutions –

1. x801C0003: User is not authorized to enroll

Since the user is denied access to enroll, check whether the user actually owns the permission or not. If yes, contact the IT admin to complete the set-up process.

2. 0x8009002A: NTE_NO_MEMORY

The bug appears owing to a shortage of memory. To fix this, either close any/all large applications running in the background or increase the overall RAM. 

3. 0x80090036: User canceled an interactive dialog

Just try to re-run the setup and the error will fade away.

4. 0x8009002d: There’s some system glitch, skip for now and try again in a few minutes.

7. Contact Microsoft Support Team

There are a few Windows hello error codes to which Microsoft hasn’t yet provided any exact solution. If you ever encounter such issues, it’s better to contact the support team for a fix. Here’s is the complete list of such PIN errors –

Hello Error Codes Reasons
0X80072F0C Unknown
0x80070057 An invalid parameter or argument is passed.
0x80090020 NTE_FAIL
0x80090027 The caller provided the wrong parameter. If third-party code receives this error, they must change their code.
0x8009002D NTE_INTERNAL_ERROR
0x801C0001 ADRS server response is not in a valid format.
0x801C0002 The server failed to authenticate the user.
0x801C0006 Unhandled exception from server.
0x801C000B Redirection is needed and redirected location is not a well-known server.
0x801C000C Discovery failed.
0x801C0013 The tenant ID is not found in the token.
0x801C0014 User SID is not found in the token.
0x801C0019 The federation provider-client configuration is empty.
0x801C001A The DRS endpoint in the federation provider-client configuration is empty.
0x801C001B The device certificate is not found.
0x801C03F0 There is no key registered for the user.
0x801C03F1 There is no UPN in the token.
0x801C044C There is no core window for the current thread.

That’s it, we hope this article helps to troubleshoot different Hello Errors that occur from time to time while setting a PIN to your Windows 10 device. If you have any queries related to this article, drop a message in the below comment box.