There is a
- User PIN, used for signing files
- Admin PIN, used for administrative tasks like creating a new key pair or resetting User PIN
- Reset Code, when this was created, it can be used to reset User PIN
Have also a look at the documentation.
After an update, the files need to be verified and signed when they cannot have been tampered with. This is done with the User PIN.
On Nitrokey Start, there is also an option of admin-less mode depending on how the key was initialized. Then the same PIN is used for both.
The User PIN can be reset using the Admin PIN or a Reset Code or by factory reset of the Nitrokey. Depending on whether the RSA Key is used anywhere else and in case of Nitrokey Storage, whether there is valuable data on the key, the latter option might be used carefully as key/data might be lost.
Booted e.g. from a Linux Live CD with gnupg2 available, you could unblock the User PIN via
$ gpg --card-edit
> 2 - unblock PIN
It would be helpful to see
gpg --card-status output to see the current PIN counters.