diff --git a/cmd/cosign/cli/pkcs11cli/commands.go b/cmd/cosign/cli/pkcs11cli/commands.go
index 2d0e8946d52d..5d478dd828fe 100644
--- a/cmd/cosign/cli/pkcs11cli/commands.go
+++ b/cmd/cosign/cli/pkcs11cli/commands.go
@@ -24,6 +24,7 @@ import (
 	"fmt"
 	"os"
 	"path/filepath"
+	"syscall"
 
 	"github.com/miekg/pkcs11"
 	"github.com/pkg/errors"
@@ -112,7 +113,9 @@ func GetKeysInfo(_ context.Context, modulePath string, slotID uint, pin string)
 		if pin == "" {
 			if tokenInfo.Flags&pkcs11.CKF_LOGIN_REQUIRED == pkcs11.CKF_LOGIN_REQUIRED {
 				fmt.Fprintf(os.Stderr, "Enter PIN for PKCS11 token '%s': ", tokenInfo.Label)
-				b, err := term.ReadPassword(0)
+				// Unnecessary convert of syscall.Stdin on *nix, but Windows is a uintptr
+				// nolint:unconvert
+				b, err := term.ReadPassword(int(syscall.Stdin))
 				if err != nil {
 					return nil, errors.Wrap(err, "get pin")
 				}
diff --git a/pkg/cosign/common.go b/pkg/cosign/common.go
index ce90de789c35..1f8034a6b8d7 100644
--- a/pkg/cosign/common.go
+++ b/pkg/cosign/common.go
@@ -20,6 +20,7 @@ import (
 	"fmt"
 	"os"
 	"strings"
+	"syscall"
 
 	"github.com/pkg/errors"
 	"golang.org/x/term"
@@ -46,7 +47,9 @@ func ConfirmPrompt(msg string) (bool, error) {
 
 func GetPassFromTerm(confirm bool) ([]byte, error) {
 	fmt.Fprint(os.Stderr, "Enter password for private key: ")
-	pw1, err := term.ReadPassword(0)
+	// Unnecessary convert of syscall.Stdin on *nix, but Windows is a uintptr
+	// nolint:unconvert
+	pw1, err := term.ReadPassword(int(syscall.Stdin))
 	if err != nil {
 		return nil, err
 	}
@@ -55,7 +58,9 @@ func GetPassFromTerm(confirm bool) ([]byte, error) {
 		return pw1, nil
 	}
 	fmt.Fprint(os.Stderr, "Enter password for private key again: ")
-	confirmpw, err := term.ReadPassword(0)
+	// Unnecessary convert of syscall.Stdin on *nix, but Windows is a uintptr
+	// nolint:unconvert
+	confirmpw, err := term.ReadPassword(int(syscall.Stdin))
 	fmt.Fprintln(os.Stderr)
 	if err != nil {
 		return nil, err
diff --git a/pkg/cosign/pivkey/pivkey.go b/pkg/cosign/pivkey/pivkey.go
index 9547cb1ee161..409e6c8a7e9b 100644
--- a/pkg/cosign/pivkey/pivkey.go
+++ b/pkg/cosign/pivkey/pivkey.go
@@ -28,6 +28,7 @@ import (
 	"fmt"
 	"io"
 	"os"
+	"syscall"
 
 	"github.com/go-piv/piv-go/piv"
 	"github.com/pkg/errors"
@@ -194,7 +195,9 @@ func (k *Key) VerifySignature(signature, message io.Reader, opts ...signature.Ve
 
 func getPin() (string, error) {
 	fmt.Fprint(os.Stderr, "Enter PIN for security key: ")
-	b, err := term.ReadPassword(0)
+	// Unnecessary convert of syscall.Stdin on *nix, but Windows is a uintptr
+	// nolint:unconvert
+	b, err := term.ReadPassword(int(syscall.Stdin))
 	if err != nil {
 		return "", err
 	}
diff --git a/pkg/cosign/pkcs11key/pkcs11key.go b/pkg/cosign/pkcs11key/pkcs11key.go
index e2417999c95d..6d17ef96d1ae 100644
--- a/pkg/cosign/pkcs11key/pkcs11key.go
+++ b/pkg/cosign/pkcs11key/pkcs11key.go
@@ -29,6 +29,7 @@ import (
 	"io"
 	"os"
 	"path/filepath"
+	"syscall"
 
 	"github.com/ThalesIgnite/crypto11"
 	"github.com/miekg/pkcs11"
@@ -129,7 +130,9 @@ func GetKeyWithURIConfig(config *Pkcs11UriConfig, askForPinIfNeeded bool) (*Key,
 
 				if tokenInfo.Flags&pkcs11.CKF_LOGIN_REQUIRED == pkcs11.CKF_LOGIN_REQUIRED {
 					fmt.Fprintf(os.Stderr, "Enter PIN for key '%s' in PKCS11 token '%s': ", config.KeyLabel, config.TokenLabel)
-					b, err := term.ReadPassword(0)
+					// Unnecessary convert of syscall.Stdin on *nix, but Windows is a uintptr
+					// nolint:unconvert
+					b, err := term.ReadPassword(int(syscall.Stdin))
 					if err != nil {
 						return errors.Wrap(err, "get pin")
 					}