diff --git a/PolicyDefinitions/YubiKey.admx b/PolicyDefinitions/YubiKey.admx
index 1f7cabd..80621a6 100644
--- a/PolicyDefinitions/YubiKey.admx
+++ b/PolicyDefinitions/YubiKey.admx
@@ -10,38 +10,70 @@
     <category name="YubiKeyPIVManager" displayName="$(string.YubiKeyPIVManager)" />
   </categories>
   <policies>
-    <policy name="YubiKeyPIVManager_TouchPolicy" class="User" displayName="$(string.YubiKeyPIVManager_TouchPolicy)" explainText="$(string.YubiKeyPIVManager_TouchPolicy_Help)" presentation="$(presentation.YubiKeyPIVManager_TouchPolicy)" key="Software\Yubico\YubiKey PIV Manager" valueName="touch_policy">
+    <policy name="YubiKeyPIVManager_TouchPolicy" class="User" displayName="$(string.YubiKeyPIVManager_TouchPolicy)" explainText="$(string.YubiKeyPIVManager_TouchPolicy_Help)" presentation="$(presentation.YubiKeyPIVManager_TouchPolicy)" key="Software\Yubico\YubiKey PIV Manager">
       <parentCategory ref="YubiKeyPIVManager" />
       <supportedOn ref="windows:SUPPORTED_WindowsVista" />
-      <enabledValue><string>true</string></enabledValue>
-      <disabledValue><string>false</string></disabledValue>
+      <elements>
+        <multiText id="YubiKeyPIVManager_TouchPolicySlots_MultiText" valueName="touch_policy_slots" maxLength="2" maxStrings="4" />
+        <boolean id="YubiKeyPIVManager_TouchPolicy_CheckBox" valueName="touch_policy">
+          <trueValue>
+            <string>true</string>
+          </trueValue>
+          <falseValue>
+            <delete />
+          </falseValue>
+        </boolean>
+      </elements>
     </policy>
-    <policy name="YubiKeyPIVManager_Algorithm" class="User" displayName="$(string.YubiKeyPIVManager_Algorithm)" explainText="$(string.YubiKeyPIVManager_Algorithm_Help)" presentation="$(presentation.YubiKeyPIVManager_Algorithm)" key="Software\Yubico\YubiKey PIV Manager">
+    <policy name="YubiKeyPIVManager_PinPolicy" class="User" displayName="$(string.YubiKeyPIVManager_PinPolicy)" explainText="$(string.YubiKeyPIVManager_PinPolicy_Help)" presentation="$(presentation.YubiKeyPIVManager_PinPolicy)" key="Software\Yubico\YubiKey PIV Manager">
       <parentCategory ref="YubiKeyPIVManager" />
       <supportedOn ref="windows:SUPPORTED_WindowsVista" />
       <elements>
-        <enum id="YubiKeyPIVManager_Algorithm_DropdownList" valueName="algorithm" required="true">
-          <item displayName="$(string.YubiKeyPIVManager_Algorithm_RSA1024)">
+        <multiText id="YubiKeyPIVManager_PinPolicySlots_MultiText" valueName="pin_policy_slots" maxLength="2" maxStrings="4" />
+        <enum id="YubiKeyPIVManager_PinPolicy_DropdownList" valueName="pin_policy" required="true">
+          <item displayName="$(string.YubiKeyPIVManager_PinPolicy_Select)">
             <value>
-              <string>RSA1024</string>
+              <delete />
             </value>
           </item>
-          <item displayName="$(string.YubiKeyPIVManager_Algorithm_RSA2048)">
+          <item displayName="$(string.YubiKeyPIVManager_PinPolicy_Default)">
             <value>
-              <string>RSA2048</string>
+              <string>default</string>
             </value>
           </item>
-          <item displayName="$(string.YubiKeyPIVManager_Algorithm_ECC256)">
+          <item displayName="$(string.YubiKeyPIVManager_PinPolicy_Never)">
             <value>
-              <string>ECC256</string>
+              <string>never</string>
             </value>
           </item>
-          <item displayName="$(string.YubiKeyPIVManager_Algorithm_ECC384)">
+          <item displayName="$(string.YubiKeyPIVManager_PinPolicy_Once)">
             <value>
-              <string>ECC384</string>
+              <string>once</string>
+            </value>
+          </item>
+          <item displayName="$(string.YubiKeyPIVManager_PinPolicy_Always)">
+            <value>
+              <string>always</string>
             </value>
           </item>
         </enum>
+        <boolean id="YubiKeyPIVManager_ComplexPins_CheckBox" valueName="complex_pins">
+          <trueValue>
+            <string>true</string>
+          </trueValue>
+          <falseValue>
+            <string>false</string>
+          </falseValue>
+        </boolean>
+        <decimal id="YubiKeyPIVManager_PinExpiration_TextBox" valueName="pin_expiration" required="true" maxValue="1096" />
+        <boolean id="YubiKeyPIVManager_PinAsKey_CheckBox" valueName="pin_as_key">
+          <trueValue>
+            <string>true</string>
+          </trueValue>
+          <falseValue>
+            <string>false</string>
+          </falseValue>
+        </boolean>
       </elements>
     </policy>
     <policy name="YubiKeyPIVManager_CardReader" class="User" displayName="$(string.YubiKeyPIVManager_CardReader)" explainText="$(string.YubiKeyPIVManager_CardReader_Help)" presentation="$(presentation.YubiKeyPIVManager_CardReader)" key="Software\Yubico\YubiKey PIV Manager">
@@ -51,73 +83,47 @@
         <text id="YubiKeyPIVManager_CardReader_TextBox" valueName="card_reader" required="true" maxLength="256" />
       </elements>
     </policy>
-    <policy name="YubiKeyPIVManager_Template" class="User" displayName="$(string.YubiKeyPIVManager_Template)" explainText="$(string.YubiKeyPIVManager_Template_Help)" presentation="$(presentation.YubiKeyPIVManager_Template)" key="Software\Yubico\YubiKey PIV Manager">
-      <parentCategory ref="YubiKeyPIVManager" />
-      <supportedOn ref="windows:SUPPORTED_WindowsVista" />
-      <elements>
-        <text id="YubiKeyPIVManager_Template_TextBox" valueName="certreq_template" required="true" maxLength="256" />
-      </elements>
-    </policy>
-    <policy name="YubiKeyPIVManager_ComplexPins" class="User" displayName="$(string.YubiKeyPIVManager_ComplexPins)" explainText="$(string.YubiKeyPIVManager_ComplexPins_Help)" key="Software\Yubico\YubiKey PIV Manager" valueName="complex_pins">
-      <parentCategory ref="YubiKeyPIVManager" />
-      <supportedOn ref="windows:SUPPORTED_WindowsVista" />
-      <enabledValue><string>true</string></enabledValue>
-      <disabledValue><string>false</string></disabledValue>
-    </policy>
-    <policy name="YubiKeyPIVManager_EnableImport" class="User" displayName="$(string.YubiKeyPIVManager_EnableImport)" explainText="$(string.YubiKeyPIVManager_EnableImport_Help)" key="Software\Yubico\YubiKey PIV Manager" valueName="enable_import">
-      <parentCategory ref="YubiKeyPIVManager" />
-      <supportedOn ref="windows:SUPPORTED_WindowsVista" />
-      <enabledValue><string>true</string></enabledValue>
-      <disabledValue><string>false</string></disabledValue>
-    </policy>
-    <policy name="YubiKeyPIVManager_PinAsKey" class="User" displayName="$(string.YubiKeyPIVManager_PinAsKey)" explainText="$(string.YubiKeyPIVManager_PinAsKey_Help)" key="Software\Yubico\YubiKey PIV Manager" valueName="pin_as_key">
-      <parentCategory ref="YubiKeyPIVManager" />
-      <supportedOn ref="windows:SUPPORTED_WindowsVista" />
-      <enabledValue><string>true</string></enabledValue>
-      <disabledValue><string>false</string></disabledValue>
-    </policy>
-    <policy name="YubiKeyPIVManager_PinExpiration" class="User" displayName="$(string.YubiKeyPIVManager_PinExpiration)" explainText="$(string.YubiKeyPIVManager_PinExpiration_Help)" presentation="$(presentation.YubiKeyPIVManager_PinExpiration)" key="Software\Yubico\YubiKey PIV Manager">
+    <policy name="YubiKeyPIVManager_Request" class="User" displayName="$(string.YubiKeyPIVManager_Request)" explainText="$(string.YubiKeyPIVManager_Request_Help)" presentation="$(presentation.YubiKeyPIVManager_Request)" key="Software\Yubico\YubiKey PIV Manager">
       <parentCategory ref="YubiKeyPIVManager" />
       <supportedOn ref="windows:SUPPORTED_WindowsVista" />
       <elements>
-        <decimal id="YubiKeyPIVManager_PinExpiration_TextBox" valueName="pin_expiration" required="true" maxValue="1096" />
-      </elements>
-    </policy>
-    <policy name="YubiKeyPIVManager_PinPolicy" class="User" displayName="$(string.YubiKeyPIVManager_PinPolicy)" explainText="$(string.YubiKeyPIVManager_PinPolicy_Help)" presentation="$(presentation.YubiKeyPIVManager_PinPolicy)" key="Software\Yubico\YubiKey PIV Manager">
-      <parentCategory ref="YubiKeyPIVManager" />
-      <supportedOn ref="windows:SUPPORTED_WindowsVista" />
-      <elements>
-        <enum id="YubiKeyPIVManager_PinPolicy_DropdownList" valueName="pin_policy" required="true">
-          <item displayName="$(string.YubiKeyPIVManager_PinPolicy_Default)">
+        <enum id="YubiKeyPIVManager_Algorithm_DropdownList" valueName="algorithm" required="true">
+          <item displayName="$(string.YubiKeyPIVManager_Algorithm_Select)">
             <value>
-              <string>default</string>
+              <delete />
             </value>
           </item>
-          <item displayName="$(string.YubiKeyPIVManager_PinPolicy_Never)">
+          <item displayName="$(string.YubiKeyPIVManager_Algorithm_RSA1024)">
             <value>
-              <string>never</string>
+              <string>RSA1024</string>
             </value>
           </item>
-          <item displayName="$(string.YubiKeyPIVManager_PinPolicy_Once)">
+          <item displayName="$(string.YubiKeyPIVManager_Algorithm_RSA2048)">
             <value>
-              <string>once</string>
+              <string>RSA2048</string>
             </value>
           </item>
-          <item displayName="$(string.YubiKeyPIVManager_PinPolicy_Always)">
+          <item displayName="$(string.YubiKeyPIVManager_Algorithm_ECC256)">
             <value>
-              <string>always</string>
+              <string>ECC256</string>
+            </value>
+          </item>
+          <item displayName="$(string.YubiKeyPIVManager_Algorithm_ECC384)">
+            <value>
+              <string>ECC384</string>
             </value>
           </item>
         </enum>
+        <text id="YubiKeyPIVManager_Subject_TextBox" valueName="subject" required="true" maxLength="256" />
+        <text id="YubiKeyPIVManager_Template_TextBox" valueName="certreq_template" required="false" maxLength="256" />
       </elements>
-    </policy>
-    <policy name="YubiKeyPIVManager_PinPolicySlots" class="User" displayName="$(string.YubiKeyPIVManager_PinPolicySlots)" explainText="$(string.YubiKeyPIVManager_PinPolicySlots_Help)" presentation="$(presentation.YubiKeyPIVManager_PinPolicySlots)" key="Software\Yubico\YubiKey PIV Manager">
+    </policy>    
+    <policy name="YubiKeyPIVManager_DisableImport" class="User" displayName="$(string.YubiKeyPIVManager_DisableImport)" explainText="$(string.YubiKeyPIVManager_DisableImport_Help)" key="Software\Yubico\YubiKey PIV Manager" valueName="enable_import">
       <parentCategory ref="YubiKeyPIVManager" />
       <supportedOn ref="windows:SUPPORTED_WindowsVista" />
-      <elements>
-        <multiText id="YubiKeyPIVManager_PinPolicySlots_MultiText" valueName="pin_policy_slots" maxLength="2" maxStrings="4" />
-      </elements>
-    </policy>
+      <enabledValue><string>false</string></enabledValue>
+      <disabledValue><string>true</string></disabledValue>
+    </policy>    
     <policy name="YubiKeyPIVManager_ShownOuts" class="User" displayName="$(string.YubiKeyPIVManager_ShownOuts)" explainText="$(string.YubiKeyPIVManager_ShownOuts_Help)" presentation="$(presentation.YubiKeyPIVManager_ShownOuts)" key="Software\Yubico\YubiKey PIV Manager">
       <parentCategory ref="YubiKeyPIVManager" />
       <supportedOn ref="windows:SUPPORTED_WindowsVista" />
@@ -132,19 +138,5 @@
         <multiText id="YubiKeyPIVManager_ShownSlots_MultiText" valueName="shown_slots" maxLength="2" maxStrings="4" />
       </elements>
     </policy>
-    <policy name="YubiKeyPIVManager_Subject" class="User" displayName="$(string.YubiKeyPIVManager_Subject)" explainText="$(string.YubiKeyPIVManager_Subject_Help)" presentation="$(presentation.YubiKeyPIVManager_Subject)" key="Software\Yubico\YubiKey PIV Manager">
-      <parentCategory ref="YubiKeyPIVManager" />
-      <supportedOn ref="windows:SUPPORTED_WindowsVista" />
-      <elements>
-        <text id="YubiKeyPIVManager_Subject_TextBox" valueName="subject" required="true" maxLength="256" />
-      </elements>
-    </policy>
-    <policy name="YubiKeyPIVManager_TouchPolicySlots" class="User" displayName="$(string.YubiKeyPIVManager_TouchPolicySlots)" explainText="$(string.YubiKeyPIVManager_TouchPolicySlots_Help)" presentation="$(presentation.YubiKeyPIVManager_TouchPolicySlots)" key="Software\Yubico\YubiKey PIV Manager">
-      <parentCategory ref="YubiKeyPIVManager" />
-      <supportedOn ref="windows:SUPPORTED_WindowsVista" />
-      <elements>
-        <multiText id="YubiKeyPIVManager_TouchPolicySlots_MultiText" valueName="touch_policy_slots" maxLength="2" maxStrings="4" />
-      </elements>
-    </policy>
   </policies>
 </policyDefinitions>
\ No newline at end of file
diff --git a/PolicyDefinitions/en-US/YubiKey.adml b/PolicyDefinitions/en-US/YubiKey.adml
index e513f7e..ccc4fe8 100644
--- a/PolicyDefinitions/en-US/YubiKey.adml
+++ b/PolicyDefinitions/en-US/YubiKey.adml
@@ -6,89 +6,111 @@
   <resources>
     <stringTable>
       <string id="YubiKeyPIVManager">YubiKey PIV Manager</string>
-      <string id="YubiKeyPIVManager_TouchPolicy">Enforce Touch Policy</string>
-      <string id="YubiKeyPIVManager_TouchPolicy_Help">When enabled, the YubiKey will require its button to be touched to perform any action with the private key of a slot.</string>
-      <string id="YubiKeyPIVManager_Algorithm">Algorithm</string>
-      <string id="YubiKeyPIVManager_Algorithm_Help">Which algorithm to use for key pair generation.</string>
+      <string id="YubiKeyPIVManager_TouchPolicy">Configure Touch Policy</string>
+      <string id="YubiKeyPIVManager_TouchPolicy_Help">This policy setting configures the list of certificate slots to show the Touch Policy setting for.
+
+If you enable this policy setting, the option to choose the touch policy will be shown for the selected slots. These values are supported:
+9a - Authentication
+9c - Digital Signature
+9d - Key Management
+9e - Card Authentication
+
+If you also select the "Always require touch on the slots above" option, the YubiKey will always require its button to be touched to perform any action with the private keys of the slots specified.
+
+If you disable or do not configure this policy setting, the options will be hidden in the UI and the default slot-specific touch policies will be used.</string>
+      <string id="YubiKeyPIVManager_Algorithm_Select">User-defined</string>
       <string id="YubiKeyPIVManager_Algorithm_RSA1024">RSA-1024</string>
       <string id="YubiKeyPIVManager_Algorithm_RSA2048">RSA-2048</string>
       <string id="YubiKeyPIVManager_Algorithm_ECC256">ECC P-256</string>
       <string id="YubiKeyPIVManager_Algorithm_ECC384">ECC P-384</string>
-      <string id="YubiKeyPIVManager_CardReader">Card Reader</string>
-      <string id="YubiKeyPIVManager_CardReader_Help">String to match against when looking for compatible YubiKey devices.</string>
-      <string id="YubiKeyPIVManager_Template">Certreq Template</string>
-      <string id="YubiKeyPIVManager_Template_Help">Value to use in CertificateTemplate parameter when calling certreq.exe.</string>
-      <string id="YubiKeyPIVManager_ComplexPins">Complex PIN/PUKs</string>
-      <string id="YubiKeyPIVManager_ComplexPins_Help">True to require complex PINs and PUKs.</string>
-      <string id="YubiKeyPIVManager_EnableImport">Enable Certificate Import</string>
-      <string id="YubiKeyPIVManager_EnableImport_Help">When False, hide the "import from file…" button for certificates.</string>
-      <string id="YubiKeyPIVManager_PinAsKey">PIN as Management Key</string>
-      <string id="YubiKeyPIVManager_PinAsKey_Help">When true, the Management Key is based off of the PIN.</string>
-      <string id="YubiKeyPIVManager_PinExpiration">PIN Expiration</string>
-      <string id="YubiKeyPIVManager_PinExpiration_Help">When non-zero causes a timestamp to be written when the PIN is changed, and to force a PIN change after the specified number of days.</string>
-      <string id="YubiKeyPIVManager_PinPolicy">PIN Requirement Policy</string>
-      <string id="YubiKeyPIVManager_PinPolicy_Help">When set to a value other than "default", override the PIV standard for when the PIN is required for using a particular slot.</string>
-      <string id="YubiKeyPIVManager_PinPolicy_Default">Default</string>
+      <string id="YubiKeyPIVManager_CardReader">Set card reader name filter</string>
+      <string id="YubiKeyPIVManager_CardReader_Help">This policy setting configures the string to match against when looking for compatible YubiKey devices.
+
+If you enable this policy setting, only YubiKeys from matching card readers will be shown in the UI.
+
+If you disable or do not configure this policy setting, all YubiKey devices will be shown in the UI.</string>
+      <string id="YubiKeyPIVManager_Request">Set certificate request properties</string>
+      <string id="YubiKeyPIVManager_Request_Help">This policy setting configures the properties of generated certificates and certificate signing requests.
+
+If you enable this policy setting, the specified values will be used by the YubiKey PIV Manager.
+
+If you disable or do not configure this policy setting, application defaults will be used.</string>
+      <string id="YubiKeyPIVManager_DisableImport">Disable certificate import</string>
+      <string id="YubiKeyPIVManager_DisableImport_Help">This policy setting controls the ability to import certificates.
+
+If you enable this policy setting, the "Import from file..." button will be hidden in the UI.
+
+If you disable or do not configure this policy setting,  the "Import from file..." button will be shown in the UI.</string>
+      <string id="YubiKeyPIVManager_PinPolicy">Configure PIN Policy</string>
+      <string id="YubiKeyPIVManager_PinPolicy_Help">This policy setting configures the requirements for PIN usage.
+
+If you enable this policy setting, the default application behavior will be overriden.
+
+The PIN Requirement Policy setting will only be shown for the certificate slots listed. These certificate slot identifiers are supported:
+9a - Authentication
+9c - Digital Signature
+9d - Key Management
+9e - Card Authentication
+
+When the PIN Requirement Policy is set to a value other than "Slot defaults", the PIV standard for when the PIN is required for using a particular slot will be overridden.
+
+Non-zero PIN expiration interval causes a timestamp to be written when the PIN is changed, and to force a PIN change after the specified number of days.
+
+If you disable or do not configure this policy setting, slot-specific PIN policy will not be configurable through the UI.</string>
+      <string id="YubiKeyPIVManager_PinPolicy_Select">User-defined</string>
+      <string id="YubiKeyPIVManager_PinPolicy_Default">Slot defaults</string>
       <string id="YubiKeyPIVManager_PinPolicy_Never">Never</string>
       <string id="YubiKeyPIVManager_PinPolicy_Once">Once</string>
       <string id="YubiKeyPIVManager_PinPolicy_Always">Always</string>
-      <string id="YubiKeyPIVManager_PinPolicySlots">PIN Policy Slots</string>
-      <string id="YubiKeyPIVManager_PinPolicySlots_Help">Which certificate slots to show the PIN Requirement Policy setting for.
-Possible values are 9a, 9c, 9d and 9e.
-Default is none.</string>
-      <string id="YubiKeyPIVManager_ShownOuts">Displayed Output Formats</string>
-      <string id="YubiKeyPIVManager_ShownOuts_Help">Output formats available when generating a key.
-Possible values are pk, ssc, csr and ca.
-Default values are ssc, csr and ca.</string>
-      <string id="YubiKeyPIVManager_ShownSlots">Displayed Certificate Slots</string>
-      <string id="YubiKeyPIVManager_ShownSlots_Help">A list of which certificate slots to show in the UI.
-Possible values are 9a, 9c, 9d and 9e.
-All slots are shown by default.</string>
-      <string id="YubiKeyPIVManager_Subject">Subject DN</string>
-      <string id="YubiKeyPIVManager_Subject_Help">Subject to use when generating a CSR or self-signed certificate.</string>
-      <string id="YubiKeyPIVManager_TouchPolicySlots">Touch Policy Slots</string>
-      <string id="YubiKeyPIVManager_TouchPolicySlots_Help">Which certificate slots to show the Touch Policy setting for.
-Possible values are 9a, 9c, 9d and 9e.
-Default value is none.</string>
+      <string id="YubiKeyPIVManager_ShownOuts">Only display the specified output formats</string>
+      <string id="YubiKeyPIVManager_ShownOuts_Help">This policy setting determines the output formats that are available when generating a key.
+
+If you enable this policy setting, only the specified output formats will be shown. Supported formats are "pk", "ssc", "csr" and "ca".
+
+If you disable or do not configure this policy setting, the "ssc", "csr" and "ca" formats will be available.</string>
+      <string id="YubiKeyPIVManager_ShownSlots">Only display the specified certificate slots</string>
+      <string id="YubiKeyPIVManager_ShownSlots_Help">This policy setting determines the certificate slots that are shown in the UI.
+
+If you enable this policy setting, only the specified certificate slots will be shown in the UI. These values are supported:
+9a - Authentication
+9c - Digital Signature
+9d - Key Management
+9e - Card Authentication
+
+If you disable or do not configure this policy setting, all four certificate slots will be shown.</string>
     </stringTable>
     <presentationTable>
-      <presentation id="YubiKeyPIVManager_Algorithm">
-        <dropdownList refId="YubiKeyPIVManager_Algorithm_DropdownList" defaultItem="1">Cryptographic algorithm</dropdownList>
+      <presentation id="YubiKeyPIVManager_TouchPolicy">
+        <multiTextBox refId="YubiKeyPIVManager_TouchPolicySlots_MultiText">Allow the default touch policy to be overriden on these slots:</multiTextBox>
+        <checkBox refId="YubiKeyPIVManager_TouchPolicy_CheckBox" defaultChecked="false">Always require touch on the slots above</checkBox>
       </presentation>
-      <presentation id="YubiKeyPIVManager_TouchPolicy" />
       <presentation id="YubiKeyPIVManager_CardReader">
         <textBox refId="YubiKeyPIVManager_CardReader_TextBox">
-          <label>Card reader name</label>
+          <label>Card reader name:</label>
         </textBox>
       </presentation>
-      <presentation id="YubiKeyPIVManager_Template">
+      <presentation id="YubiKeyPIVManager_Request">
+        <dropdownList refId="YubiKeyPIVManager_Algorithm_DropdownList" defaultItem="0" noSort="true">Cryptographic algorithm to use for key pair generation:</dropdownList>
+        <textBox refId="YubiKeyPIVManager_Subject_TextBox">
+          <label>Subject Distinguished Name:</label>
+          <defaultValue>/CN=%USERNAME%</defaultValue>
+        </textBox>
         <textBox refId="YubiKeyPIVManager_Template_TextBox">
-          <label>Certificate template</label>
+          <label>Certificate template name (for certreq.exe):</label>
         </textBox>
       </presentation>
-      <presentation id="YubiKeyPIVManager_PinExpiration">
-        <decimalTextBox refId="YubiKeyPIVManager_PinExpiration_TextBox" defaultValue="0">Pin expiration in days</decimalTextBox>
-      </presentation>
       <presentation id="YubiKeyPIVManager_PinPolicy">
-        <dropdownList refId="YubiKeyPIVManager_PinPolicy_DropdownList" defaultItem="0">Policy</dropdownList>
-      </presentation>
-      <presentation id="YubiKeyPIVManager_PinPolicySlots">
-        <multiTextBox refId="YubiKeyPIVManager_PinPolicySlots_MultiText">Slots</multiTextBox>
+        <multiTextBox refId="YubiKeyPIVManager_PinPolicySlots_MultiText">Enable PIN Requirement Policy selection for these slots:</multiTextBox>
+        <dropdownList refId="YubiKeyPIVManager_PinPolicy_DropdownList" defaultItem="0" noSort="true">PIN Requirement Policy:</dropdownList>
+        <checkBox refId="YubiKeyPIVManager_ComplexPins_CheckBox" defaultChecked="false">Enforce complex PINs and PUKs</checkBox>
+        <decimalTextBox refId="YubiKeyPIVManager_PinExpiration_TextBox" defaultValue="0">PIN expiration interval (days):</decimalTextBox>
+        <checkBox refId="YubiKeyPIVManager_PinAsKey_CheckBox" defaultChecked="false">Derive the Management Key from PIN</checkBox>
       </presentation>
       <presentation id="YubiKeyPIVManager_ShownOuts">
-        <multiTextBox refId="YubiKeyPIVManager_ShownOuts_MultiText">Formats</multiTextBox>
+        <multiTextBox refId="YubiKeyPIVManager_ShownOuts_MultiText">Formats to show:</multiTextBox>
       </presentation>
       <presentation id="YubiKeyPIVManager_ShownSlots">
-        <multiTextBox refId="YubiKeyPIVManager_ShownSlots_MultiText">Slots</multiTextBox>
-      </presentation>
-      <presentation id="YubiKeyPIVManager_Subject">
-        <textBox refId="YubiKeyPIVManager_Subject_TextBox">
-          <label>Subject</label>
-          <defaultValue>/CN=%USERNAME%</defaultValue>
-        </textBox>
-      </presentation>
-      <presentation id="YubiKeyPIVManager_TouchPolicySlots">
-        <multiTextBox refId="YubiKeyPIVManager_TouchPolicySlots_MultiText">Slots</multiTextBox>
+        <multiTextBox refId="YubiKeyPIVManager_ShownSlots_MultiText">Slots to show in the UI:</multiTextBox>
       </presentation>
     </presentationTable>
   </resources>
diff --git a/Schema/PolicyDefinitions.xsd b/Schema/PolicyDefinitions.xsd
index cbaf2e9..419f52d 100644
--- a/Schema/PolicyDefinitions.xsd
+++ b/Schema/PolicyDefinitions.xsd
@@ -121,6 +121,16 @@
     <xs:attribute name="valueName" type="pd:registryValueName" use="required"/>
   </xs:complexType>
 
+  <xs:complexType name="multiTextElement">
+    <xs:annotation>
+      <xs:documentation>Describes a multi line text element in a policy</xs:documentation>
+    </xs:annotation>
+    <xs:attributeGroup ref="pd:PolicyElementAttributeGroup"/>
+    <xs:attribute name="required" type="xs:boolean" default="false"/>
+    <xs:attribute name="maxLength" type="xs:unsignedInt" default="1023"/>
+    <xs:attribute name="maxStrings" type="xs:unsignedInt" default="0"/>
+    <xs:attribute name="soft" type="xs:boolean" default="false"/>
+  </xs:complexType>
 
   <!--
 		Presentation of policy elements
@@ -168,6 +178,18 @@
     </xs:complexContent>
   </xs:complexType>
 
+  <xs:complexType name="MultiTextBox">
+    <xs:annotation>
+      <xs:documentation>Represents a multi-line textbox display element.</xs:documentation>
+      <xs:documentation>Can be associated with a multiTextElement.</xs:documentation>
+    </xs:annotation>
+    <xs:complexContent>
+      <xs:extension base="pd:DataElementContent">
+        <xs:attribute name="showAsDialog" type="xs:boolean" default="false"/>
+        <xs:attribute name="defaultHeight" type="xs:unsignedInt" default="3"/>
+      </xs:extension>
+    </xs:complexContent>
+  </xs:complexType>
 
   <xs:complexType name="CheckBox">
     <xs:annotation>
@@ -231,6 +253,7 @@
       <xs:element name="comboBox" type="pd:ComboBox"/>
       <xs:element name="dropdownList" type="pd:DropdownList"/>
       <xs:element name="listBox" type="pd:ListBox"/>
+      <xs:element name="multiTextBox" type="pd:MultiTextBox"/>
     </xs:choice>
     <xs:attribute name="id" type="pd:resourceID" use="required"/>
   </xs:complexType>
@@ -426,6 +449,7 @@
       <xs:element name="text" type="pd:TextElement"/>
       <xs:element name="enum" type="pd:EnumerationElement"/>
       <xs:element name="list" type="pd:ListElement"/>
+      <xs:element name="multiText" type="pd:multiTextElement"/>
     </xs:choice>
   </xs:complexType>
 </xs:schema>
\ No newline at end of file
diff --git a/Schema/readme.md b/Schema/readme.md
new file mode 100644
index 0000000..c53176c
--- /dev/null
+++ b/Schema/readme.md
@@ -0,0 +1,3 @@
+# Group Policy ADMX Schema Files
+
+This directory contains the [Group Policy ADMX Schema files](https://www.microsoft.com/en-us/download/details.aspx?id=4364) that were slightly modified to supoort the [multiText element](https://msdn.microsoft.com/en-us/library/dn606019.aspx). The schema files are used during ADMX and ADML authoring for code completion (Intellisense) and validation.
diff --git a/readme.md b/readme.md
index 430a135..361a9fa 100644
--- a/readme.md
+++ b/readme.md
@@ -3,12 +3,12 @@
 ## Introduction
 This ADMX administrative template allows administrators to easily deploy configuration of the [YubiKey PIV Manager](https://github.com/Yubico/yubikey-piv-manager) through Active Directory Group Policy. It can also be used on standalone computers to unlock some features of the PIV Manager that are disabled by default, like controlling the Pin and Touch policies. The affected registry locations are documented at [Yubico's website](https://developers.yubico.com/yubikey-piv-manager/Settings_and_Group_Policy.html).
 
-![Group Policy Editor Screenshot](https://github.com/MichaelGrafnetter/yubikey-piv-manager-admx/raw/master/screenshot.png)
+![Group Policy Editor Screenshot 1](https://github.com/MichaelGrafnetter/yubikey-piv-manager-admx/raw/master/screenshot.png)
+
+![Group Policy Editor Screenshot 2](https://github.com/MichaelGrafnetter/yubikey-piv-manager-admx/raw/master/screenshot2.png)
 
 ## Installation
 Just copy the ADMX and ADML files into the [local or central ADMX store](https://msdn.microsoft.com/en-us/library/bb530196.aspx#manageadmxfiles_topic2).
 
 ## TODO
-- Change the registry value locations from unmanaged to managed paths.
-- Group some policies into single GUI.
-- Add more meaningful explanations.
+- Change the registry value locations from unmanaged to managed paths. This will prevent registry tattooing and allow to define "Computer Configuration" policies in addition to "User Configuration" policies.
diff --git a/screenshot2.png b/screenshot2.png
new file mode 100644
index 0000000..29206da
Binary files /dev/null and b/screenshot2.png differ