# Change #### Select which method you want to use to change your PINs:
Yubikey ManagerYubico's Official Software with graphical interface.
Command-lineEnter commands using ykman.exe.
KleopatraApplication available on Windows and Linux.
## ❊ Yubikey Manager
### PIN To change your PIN, open the Yubikey Manager software.
Select **Configure PINs**
You will see a list of buttons to manage your PIV PINs. In order to do this, you will need to have the ![](https://4238369593-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fqj0swE9RiXnBGKcxMY3V%2Fuploads%2FteBnVNnVJAD6ydRRM0QT%2Flink%20\(1\).png?alt=media\&token=e60aa39b-175c-4514-80fb-e75aef18aa78) [**Default Pins**](https://yubico.gitbook.io/yubikey5/piv-1/getting-started/2.-pins/defaults). However, there is a nice checkbox to the right which allows you to automatically supply the **Default PIN**.
Your new PIN should be between 6 - 8 characters long. Once you have typed a new PIN, click ![](https://4238369593-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fqj0swE9RiXnBGKcxMY3V%2Fuploads%2Fafz1jRx8NdMDKm5zRB0p%2Fpiv_btn_chgpin.png?alt=media\&token=2e87fbcd-069a-4ee5-9961-8ab51c78e7c7) ### PUK Changing the **PUK** is similar to changing the PIN. Click the box to the right marked **Use Default** and then supply your new PUK. ### MANAGEMENT KEY To change your Management key, return to the PIV home screen, and select ![](https://4238369593-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fqj0swE9RiXnBGKcxMY3V%2Fuploads%2Fx22kTyLtHnZa8iVilRXl%2Fpiv_btn_chgmanagement.png?alt=media\&token=a222c6fc-19f2-4ac9-812b-4e5746842e43)
Changing your management key is slightly different. You will first enter your current or default management key in **Current Management Key** field. (Or you can click **Use Default** on the right). Next, you will need to provide a new management key. On the right side, select the **Algorithm** to use for this management key. If you're unsure, just select **TDES****.** *AES256 is supported ONLY if your Yubikey is running v5.4.x firmware or newer*. {% hint style="info" %} *You can check the firmware version for your Yubikey by going to the home screen of the Yubikey Manager and looking in the top left.* {% endhint %} Finally, click the **Generate** button. Once your new key has been generated, it's recommended that you write this new Management Key down. If you generate new PIV certificates later, you will need this. You may also select the option **Protect With Pin** which will allow you to use a PIN instead of typing the Management Key. If you forget your PIN, PUK, or Management Key; you will need to **Reset** your entire PIV module and configure everything again. The reset button is located on the PIV home screen by clicking:
{% hint style="danger" %} Resetting your PIV module will erase everything stored in your PIV slots. All PINs will be reset and all PIV certificates will be wiped. {% endhint %} ## ❊ Command-Line (ykman)
If you wish to change your PIN, PUK, or Management Key using the ykman command-line, do the following: ### PIN To change your PIN, execute:\ If you do not specify **`-n`** or **-p** in your command, you will be prompted to enter each one. ``` ykman piv access change-pin ``` | Command | Description | | --------------------------------------- | --------------------------- | | -h | Show this message and exit. | | -n TEXT | A new PIN. | | -p TEXT | Current PIN code. | ### PUK To change your PUK, execute: If you do not specify **`-n`** or **-p** in your command, you will be prompted to enter each one. ``` ykman piv access change-puk ``` | Command | Description | | --------------------------------------- | --------------------------- | | -h | Show this message and exit. | | -n TEXT | A new PUK code. | | -p TEXT | Current PUK code. | ### MANAGEMENT KEY To change your Management key, select the tab below for what you wish to do. You can either have the Yubikey generate a new management key, or you can specify your own: {% tabs %} {% tab title="Generate New" %} ``` ykman piv access change-management-key -g -p ``` {% endtab %} {% tab title="Specify" %} ``` ykman piv access change-management-key -pt -a TDES -n 9892b8f8e1c46e5598679800dcdab1e4812d5a56af27fa250965d57ec32b8abb ``` {% endtab %} {% endtabs %} | Command | Description | | | | | ---------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ | ------------------------- | -------------------------------------------------------------------- | |

-a

\[TDES | AES128 | AES192 | AES256]

|

Management key algorithm.

\[Default: TDES]

| | -f | Confirm the action without prompting. | | | | | -g |

Generate a random management key.

Implied by --protect unless--new-management-key is also given.

Conflicts with --new-management-key.

| | | | | -m TEXT | Current management key. | | | | | -n TEXT | A new management key. | | | | | -p | Store new management key on the YubiKey, protected by PIN. A random key is used if no key is provided. | | | | | -P TEXT | PIN code. | | | | | -t | Require touch on YubiKey when prompted for management key. | | | | ### RESET This will completely RESET your PIV module. Your PIN, PUK, and Management Keys will all be set back to ![](https://4238369593-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fqj0swE9RiXnBGKcxMY3V%2Fuploads%2FteBnVNnVJAD6ydRRM0QT%2Flink%20\(1\).png?alt=media\&token=e60aa39b-175c-4514-80fb-e75aef18aa78) [**default**](https://yubico.gitbook.io/yubikey5/piv-1/getting-started/2.-pins/defaults). ALL PIV certificates you've installed will be wiped. ```powershell ykman piv reset ``` | Command | Description | | ---------------------------------- | ------------------------------------- | | -h | Show this message and exit. | | -f | Confirm the action without prompting. | ## ❊ Kleopatra
Ensure you have the Gpg tools installed on your system. Click ![](https://4238369593-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fqj0swE9RiXnBGKcxMY3V%2Fuploads%2FAXecjdsVNIpY9sLQKz6m%2Fwindows_10x_icon.png?alt=media\&token=ff2dea74-fd36-4041-be27-013ecac09af9) and search for **Kleopatra****.**
Once the application loads, locate the **Smartcards** button to the right side.
Locate the Smartcard Management section and select **PIV**.
In the lower portion of the PIV panel, locate the **Actions** menu.
### PIN The following instructions explain how to change the PIV interface's PIN. Select ![](https://4238369593-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fqj0swE9RiXnBGKcxMY3V%2Fuploads%2FMWW28Nhs1HOh1P8nIKeg%2Fgpg_kleo_5.png?alt=media\&token=09ebd7e9-a416-4d5f-ae39-e1295c2efaad)
This dialog is where you enter your CURRENT PIV PIN.\ **`default:`**** ****123456**
You will then be asked to enter a NEW PIV PIN and then confirm it.
Your new PIV PIN is now saved. ### PUK These instructions explain how to change the PIV interface's PUK PIN. Select ![](https://4238369593-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fqj0swE9RiXnBGKcxMY3V%2Fuploads%2FSGImI2xJezDmVFKBHC7T%2Fpiv_pin_4.png?alt=media\&token=dded5fb7-017a-4e84-b6c4-f290078fae0b)
This dialog is where you enter your CURRENT PIV PUK PIN.\ **`default:`**** ****12345678**
You will then be asked to enter a NEW PIV PUK PIN and then confirm it.
Your new PIV PUK PIN is now saved. ### MANAGEMENT KEY These instructions allow you to change your PIV Management Key. {% hint style="info" %} Changing your management key with Kleopatra appears to be buggy. Sometimes throwing errors that the program cannot read the card. Recommended to use the Yubikey Manager or command-line. {% endhint %} Select ![](https://4238369593-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fqj0swE9RiXnBGKcxMY3V%2Fuploads%2FEWjTlkO8fHhASRAwy2i1%2Fpiv_pin_14.png?alt=media\&token=3785f184-01ae-48ed-aed9-74a027c0b591)
This dialog is where you enter your CURRENT Management Key.\ **`default: 010203040506070801020304050607080102030405060708`**
You will then be asked to enter a NEW PIV Management key and then confirm it.