TryChangePin Method

TryChangePin()

Tries to change the PIN using the KeyCollector.

C#
public bool TryChangePin()

Returns

System.Boolean

True on success, False if the user cancelled PIN collection, and an exception for all other kinds of failures.

Exceptions

Type Condition
Fido2Exception

The YubiKey returned an error indicating that the change PIN request could not be completed.

Remarks

FIDO2 separates the action of setting the initial PIN from changing it. Use SetPin() to set the first PIN, and use this method to change the PIN after that. In order to change the PIN, both the current PIN and the new PIN must be supplied. A PIN cannot be removed from FIDO2. The only way to clear the PIN is to reset the entire FIDO2 application, which will result in all credentials being removed.

Several considerations must be made when collecting the PIN.

  • It must be encoded in UTF-8 with Normalization Form C.
  • It must be at least 4 Unicode code points in length.
  • It must not exceed 63 bytes in encoded length.
Read more about PINs here.

TryChangePin(ReadOnlyMemory<Byte>, ReadOnlyMemory<Byte>)

Tries to change the PIN.

C#
public bool TryChangePin(ReadOnlyMemory<byte> currentPin, ReadOnlyMemory<byte> newPin)

Parameters

Type Name Description
System.ReadOnlyMemory<System.Byte> currentPin

The existing PIN encoded using UTF-8 in Normalization Form C.
System.ReadOnlyMemory<System.Byte> newPin

The new PIN to program onto the YubiKey. The new PIN:

  • Must be encoded in UTF-8 with Normalization Form C.
  • Must be at least 4 Unicode code points in length.
  • Must not exceed 63 bytes in encoded length.
Read more about PINs here.

Returns

System.Boolean

True, if successful. Otherwise false.

Exceptions

Type Condition
Fido2Exception

The YubiKey returned an error indicating that the change PIN request could not be completed.

Remarks

FIDO2 separates the action of setting the initial PIN from changing it. Use SetPin() to set the first PIN, and use this method to change the PIN after that. In order to change the PIN, both the current PIN and the new PIN must be supplied. A PIN cannot be removed from FIDO2. The only way to clear the PIN is to reset the entire FIDO2 application, which will result in all credentials being removed.