diff --git a/src/fido/cbor_client_pin.c b/src/fido/cbor_client_pin.c
index 7a4097c..2a681af 100644
--- a/src/fido/cbor_client_pin.c
+++ b/src/fido/cbor_client_pin.c
@@ -334,6 +334,10 @@ int cbor_client_pin(const uint8_t *data, size_t len) {
     }
     CBOR_PARSE_MAP_END(map, 1);
 
+    if (needs_power_cycle) {
+        CBOR_ERROR(CTAP2_ERR_PIN_AUTH_BLOCKED);
+    }
+
     cbor_encoder_init(&encoder, ctap_resp->init.data + 1, CTAP_MAX_CBOR_PAYLOAD, 0);
     if (subcommand == 0x0) {
         CBOR_ERROR(CTAP2_ERR_MISSING_PARAMETER);