探花大神

Contact Us
Help Center Home > Policies > Manage Windows Biometrics Using a Policy

Manage Windows Biometrics Using a Policy

Biometrics refers to the unique characteristics that can be used for identification. This includes physical traits (such as fingerprints) and behavioral traits (such as typing rhythm). Biometric information is increasingly replacing passwords to identify and verify users.

Windows provides a biometric authentication service called Windows Hello that helps strengthen authentication and guard against potential spoofing through fingerprint matching and facial recognition. 探花大神's policy framework lets you remotely allow or restrict users from logging in to a managed device using biometrics. You can apply the policy to one managed Windows device or the entire fleet in your organization. See Get Started: Policies.

Warning:

If you enable聽Multi-Factor Authentication (MFA)聽on a Windows device in 探花大神, then biometrics cannot be used as the primary authentication method for device login. However, Windows Hello can still be used as an authentication method during an active user session (while a user is logged in) for UAC or other administrative prompts.

  • If you clear Allow The Use Of Biometrics, devices where you apply this policy can鈥檛 use the Windows Biometrics Services that Windows Hello relies on. In this case, the device notifies users that Windows Hello isn鈥檛 available on this device.
  • If you select Allow The Use Of Biometrics and the device supports Windows Hello, users can set up Windows Hello:
    • .
    • If Windows Hello is enabled, users may be required to set and use a pin.

Considerations:

  • Consistently apply all Windows system updates.
  • 探花大神 doesn鈥檛 support Microsoft accounts. They shouldn鈥檛 be enabled or locally tied to 探花大神 accounts.

To create a policy to allow biometrics:

  1. Log in to the 探花大神 Admin Portal: .
  2. Go to DEVICE MANAGEMENT > Policy Management.
  3. Click (+).
  4. On the New Policy screen, select the Windows tab.
  5. Locate the Allow the Use of Biometrics policy, then click configure.
  6. (Optional) Enter a new name for the policy, or keep the default. Policy names must be unique.
  7. Under Settings, select Allow The Use of Biometrics to enable biometrics.
  8. (Optional) Select the Device Groups tab, then select one or more device groups where you'll apply this policy. For device groups with multiple OS member types, the policy is applied only to the supported OS.
  9. (Optional) Select the Devices tab, then select one or more devices where you'll apply this policy.
  10. Click save.
Back to Top

Notebook IconLearn More

Get Started: Policies

Use Windows Hello with 探花大神

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case