Windows Hello is a more secure way to get instant access to Windows 10 devices using biometric gestures (fingerprint or facial recognition) or PIN gestures. This profile allows admins to configure fingerprint or facial recognition or set a PIN on the enrolled devices that help the users get access to applications, websites, and networks.
Purpose
The purpose of this knowledge base article is to provide a detailed guide on how to configure Windows Hello on a Windows device. Windows Hello is a built-in biometric authentication feature that allows users to log in to their Windows devices using facial recognition, fingerprint scanning, or a PIN.
Prerequisites
- The device must be enrolled through Windows EMM or Dual Enrollment mode.
- The device must be Azure AD joined to leverage all features of this policy.
- This article is intended for users who have a Windows device running Windows 10 or later with compatible hardware (such as a camera or fingerprint scanner).
- Please refer here for different types of Windows enrollment.
Steps
To configure fingerprint or facial recognition or set a PIN on the enrolled device(s), follow these steps:
- Login to the SureMDM Console.
- Navigate to Profiles and select the Windows platform.
- Click Add and enter the Profile name.
- Select the Windows Hello option and click Configure.
| Settings | Description |
| Windows Hello | Allow the use of Windows Hello for business. |
| Use Biometrics | Allow the use of biometric gestures such as fingerprint or face recognition instead of PIN gesture. |
| TPM | Enable this option to disable TPM (Trusted Protection Module revision 1.2) from using Windows Hello profile. |
| Minimum Pin Length | Enter the minimum number of digits for setting a PIN. |
| Maximum Pin Length | Enter the maximum number of digits for setting a PIN. |
| Digits | Set the usage of digits (Allowed/Required/Not Allowed). |
| Upper Case Letters | Configure the use of upper case letters (Allowed/Required/Not Allowed). |
| Lower Case Letter | Configure the use of lower case letters (Allowed/Required/Not Allowed). |
| Special Characters | Configure the use of special characters (Allowed/Required/Not Allowed). |
| Use Security Key For Sign In | Use this option for the users to sign-in to their device with FIDO security key. |
- Click Save to save the profile. The newly created profile will be listed under the Profiles section.
- Go to the Home tab and select the Windows device(s) or group(s).
- Click Apply to launch the Apply Job/Profile To Device prompt.
- In the Apply Job/Profile To Device prompt, select the created profile and click Apply.
By following the step-by-step instructions provided in this article, users can successfully configure Windows Hello on their Windows devices. Windows Hello provides a convenient and secure authentication method, enhancing the overall user experience and security of Windows logins.
End User Experience:
Need help? CONTACT US