If you are experiencing a problem where your Windows Hello Pin does not work anymore, and you are seeing the following error message:

The certificate used for authentication has expired

This is probably because your Windows Hello Certificate has expired, and the auto-renewal did not work.

Follow the following steps to fix this issue:

Step 1: Remove expired smartcard certificate

• To do this, open “Run” application and then type “mmc.exe”
• Double click on User Certificates
• Open Personal > Certificates
• Find the expired certificate with description “Windows Hello Pin”
• Delete this certificate

Step 2: Reset Hello Pin

To do this, open Command Prompt as Administrator. Then run

dsregcmd /leave

Step 3: Restart Computer

Step 4: Windows upon restart will ask you to reset your Hello Pin

Behind the scenes a new certificate will also be created with a future expiration date.

Step 5: Run gpupdate /force /wait:-1