Microsoft is pushing Windows users toward biometric logins with Windows Hello, but German researchers warn this could be a security risk. They discovered critical vulnerabilities that allow local administrators or malware to bypass biometric checks and grant access regardless of the actual biometrics used. This undermines the security promise of Windows Hello for business environments. The researchers suggest disabling biometric functions on devices without Enhanced Sign-in Security (ESS) and advise users to log in via PIN instead.
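One way to apply the researchers' recommendation on a fleet of devices that lack ESS, as an added example that is not from the article or from the researchers: turn off Windows Hello biometrics through the documented "Allow the use of biometrics" policy (registry key `HKLM\SOFTWARE\Policies\Microsoft\Biometrics`, DWORD `Enabled`), which leaves PIN sign-in available. It assumes an elevated PowerShell session on the target device.

```powershell
# Added example: enforce "no biometrics, PIN only" on a device without ESS.
# Assumes an elevated PowerShell session; the policy key is the documented
# Computer Configuration > Windows Components > Biometrics > "Allow the use of biometrics".
$PolicyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Biometrics'

function Get-BiometricPolicyState {
    # Returns 'Disabled' when the policy value exists and is 0, 'Enabled' otherwise
    # (an absent value means the policy is not configured, so biometrics stay allowed).
    $value = Get-ItemProperty -Path $PolicyPath -Name 'Enabled' -ErrorAction SilentlyContinue
    if ($null -ne $value -and $value.Enabled -eq 0) { return 'Disabled' }
    return 'Enabled'
}

function Disable-WindowsHelloBiometrics {
    # Create the policy key if no biometrics policy has been set on this machine yet.
    if (-not (Test-Path $PolicyPath)) {
        New-Item -Path $PolicyPath -Force | Out-Null
    }
    # Enabled = 0 blocks the Windows Biometric Service and the biometric credential
    # provider; Windows Hello PIN is governed by a separate policy and is not affected.
    Set-ItemProperty -Path $PolicyPath -Name 'Enabled' -Value 0 -Type DWord

    # Restart the Windows Biometric Service (WbioSrvc) so the change applies without a reboot.
    Restart-Service -Name 'WbioSrvc' -ErrorAction SilentlyContinue
}

Write-Host "Biometric policy before: $(Get-BiometricPolicyState)"
Disable-WindowsHelloBiometrics
Write-Host "Biometric policy after:  $(Get-BiometricPolicyState)"
```

Run it through your configuration-management tool against the set of machines reported as lacking ESS; the same key set to `1` (or removed) re-enables biometrics once a device qualifies.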
German researchers at Black Hat 2025 demonstrated how Windows Hello’s biometric system can be bypassed, raising serious concerns about its effectiveness in securing corporate networks.
Consider the Risks of Biometric Authentication with Windows Hello: A Cautionary Note from Experts