diff --git a/src/frontend/src/flows/authorize/index.ts b/src/frontend/src/flows/authorize/index.ts
index e276bed3ab..700d47c4c5 100644
--- a/src/frontend/src/flows/authorize/index.ts
+++ b/src/frontend/src/flows/authorize/index.ts
@@ -7,7 +7,6 @@ import { caretDownIcon } from "$src/components/icons";
 import { withLoader } from "$src/components/loader";
 import { showMessage } from "$src/components/message";
 import { showSpinner } from "$src/components/spinner";
-import { ENABLE_PIN_QUERY_PARAM_KEY } from "$src/config";
 import { getDapps } from "$src/flows/dappsExplorer/dapps";
 import { recoveryWizard } from "$src/flows/recovery/recoveryWizard";
 import { I18n } from "$src/i18n";
@@ -195,13 +194,6 @@ const authenticate = async (
 });
 }
 
- const params = new URLSearchParams(window.location.search);
- // Only allow PIN if query param is set and the request allows it
- const allowPinAuthentication =
- params.get(ENABLE_PIN_QUERY_PARAM_KEY) !== null
- ? authContext.authRequest.allowPinAuthentication ?? false
- : false;
-
 const authSuccess = await authenticateBox({
 connection,
 i18n,
@@ -213,7 +205,9 @@ const authenticate = async (
 dapp.hasOrigin(authContext.requestOrigin)
 ),
 }),
- allowPinAuthentication,
+ // This allows logging in with a PIN but not registering with a PIN
+ allowPinAuthentication:
+ authContext.authRequest.allowPinAuthentication ?? true,
 autoSelectionIdentity: autoSelectionIdentity,
 });
 
diff --git a/src/frontend/src/flows/register/index.ts b/src/frontend/src/flows/register/index.ts
index 0ba1e09eb5..6adfe21bf8 100644
--- a/src/frontend/src/flows/register/index.ts
+++ b/src/frontend/src/flows/register/index.ts
@@ -1,5 +1,6 @@
 import { AuthnMethodData } from "$generated/internet_identity_types";
 import { withLoader } from "$src/components/loader";
+import { ENABLE_PIN_QUERY_PARAM_KEY } from "$src/config";
 import {
 PinIdentityMaterial,
 constructPinIdentity,
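Review bot: The fallback on `allowPinAuthentication` in the `authenticateBox` call (third hunk of `flows/authorize/index.ts`) flips from `?? false` behind a query-parameter gate to `?? true`, so a dapp that omits the field now gets PIN login enabled, where before it was off. That is a fail-open default for what appears to be a weaker method than a passkey, and a relying dapp that wants passkey-only sign-in must now send `allowPinAuthentication: false` explicitly. The new comment promises that registering with a PIN stays blocked, but nothing in this hunk enforces that; it depends on the query-parameter gate in `getRegisterFlowOpts`. I would make the comment say both things, e.g. `// Opt-out: PIN login is allowed unless the dapp sends allowPinAuthentication: false. PIN registration is gated separately in getRegisterFlowOpts.` The body of `authenticate` starts and ends outside the hunk, so whether `authRequest` is validated as a boolean before this point is not visible here.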
@@ -251,6 +252,10 @@ export const getRegisterFlowOpts = async ({
 const tempIdentity = await ECDSAKeyIdentity.generate({
 extractable: false,
 });
+ const params = new URLSearchParams(window.location.search);
+ // Only allow PIN if query param is set and the request allows it
+ const allowPinRegistration =
+ params.get(ENABLE_PIN_QUERY_PARAM_KEY) !== null && allowPinAuthentication;
 return {
 /** Check that the current origin is not the explicit canister id or a raw url.
 * Explanation why we need to do this:
@@ -263,7 +268,7 @@ export const getRegisterFlowOpts = async ({
 pinAllowed: () =>
 // If pin auth is disallowed by the authenticating dapp then abort, otherwise check
 // if pin auth is allowed for the user agent
- allowPinAuthentication
+ allowPinRegistration
 ? pinRegisterAllowed({ userAgent: navigator.userAgent, uaParser })
 : Promise.resolve(false),
 identityRegistrationStart: async () =>
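Review bot: `allowPinRegistration` in `getRegisterFlowOpts` is gated only on the presence of `ENABLE_PIN_QUERY_PARAM_KEY` in `window.location.search`, so any value, including an empty one or `false`, enables it, and whoever builds the link controls it. That makes it a rollout switch, not an access control. With the authorize flow in this same commit defaulting `allowPinAuthentication` to true, it is the only remaining condition between a default request and PIN registration, apart from the user-agent check in `pinAllowed`. The comment should state that, e.g. `// Rollout flag only: presence of the query param enables PIN registration; it is URL-controlled and is not a security check`. The function body continues outside the hunk, so how `allowPinAuthentication` reaches this point is not visible here.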
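Review bot: The comment above the ternary in `pinAllowed` still describes only the dapp's decision, but the condition is now `allowPinRegistration`, which is also false whenever the query parameter is absent. A reader auditing why PIN registration was refused would be misled by the stale wording. Update it to something like `// If PIN registration is not enabled (query param missing or PIN disallowed by the dapp) then abort, otherwise check if PIN is allowed for the user agent`. The enclosing object literal starts and ends outside the hunk.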