Back to Overview

What is Windows Hello? Definition, AAGUID and Role in WebAuthn

Blog-Post-Author

Vincent

Created: May 2, 2024

Updated: September 10, 2024

What is Windows Hello?#

Windows Hello is a biometric-based technology that allows Windows users to securely access their devices and online services using e.g. facial recognition, fingerprints or PINs instead of traditional passwords. This method offers enhanced security and convenience, integrating seamlessly with Windows devices to provide a user-friendly experience while maintaining high security standards. A prerequisite for Windows Hello is a trusted platform module (TPM) where the private keys of passkeys are also stored.

Slack Icon

Become part of our Passkeys Community for updates and support.

Join

AAGUID of Windows Hello#

For WebAuthn operations, Windows Hello utilizes the following Authenticator Attestation Global Unique Identifiers (AAGUIDs):

  • 08987058-cadc-4b81-b6e1-30de50dcbe96
  • 9ddd1817-af5a-4672-a2b9-3e3dd95000a9
  • 6028b017-b1d4-4c02-b4b3-afcdafc96bb2

These identifiers are used to identify Windows Hello as an authenticator in passkey-/ WebAuthn-based systems. Read more about this in the article about AAGUID.

  • Windows Hello is Windows’ biometric-based technology for secure, passwordless access.
  • Uses facial recognition, fingerprints, or PINs.
  • Enhances security and user convenience.
  • Integrated into Windows operating systems for seamless use.
Windows Hello is a biometric-based technology of Windows for secure access to devices and online services using cryptographic techniques.

Benefits of Windows Hello#

  • Offers a password-free sign-in option to unlock your devices.
  • Uses biometric data for a more personal and secure user authentication experience.
  • Supported by hardware such as infrared cameras and fingerprint readers.

How to Set Up Windows Hello#

Windows Hello enables users to sign into their Windows devices more personally and securely. Here are the steps to set it up:

  1. Access Settings: Go to Start > Settings > Accounts > Sign-in options.
  2. Choose Your Sign-in Option: You can select from facial recognition, fingerprint recognition, or a PIN.
  3. Follow On-screen Instructions: Set up the chosen method by following the guided setup process.
Substack Icon

Subscribe to our Passkeys Substack for the latest news, insights and strategies.

Subscribe

Windows Hello for Business#

Windows Hello for Business extends the basic features of Windows Hello with added enterprise-grade security. It is designed to meet organizational security and compliance needs. See also our blog post on Microsoft Entra passkeys.

  • Authentication: Supports enterprise and cloud-based services, enhancing security with two-factor authentication and built-in brute force protection.
  • Security Features: Utilizes the TPM to store credentials that cannot be extracted safeguarding against external threats.

Windows Hello FAQs#

What is Windows Hello?#

Windows Hello is a secure, biometric-based technology that allows users to sign in to their Windows devices using facial recognition, iris scans, or fingerprints.

How does Windows Hello enhance security?#

Windows Hello enhances security by using biometric data, which is way more difficult to crack than traditional passwords. By requiring the device and a second factor (e.g. biometrics, PIN, …) Windows Hello provides two-factor authentication and resists brute-force attacks.

Can Windows Hello be used on all Windows devices?#

Windows Hello is available on most modern Windows devices (Windows 10 and Windows 11) that have the necessary hardware like infrared cameras or fingerprint readers.

Ben Gould Testimonial

Ben Gould

Head of Engineering

I’ve built hundreds of integrations in my time, including quite a few with identity providers and I’ve never been so impressed with a developer experience as I have been with Corbado.

3,000+ devs trust Corbado & make the Internet safer with passkeys. Got questions? We’ve written 150+ blog posts on passkeys.

Join Passkeys Community

What are the benefits of using Windows Hello in a business environment?#

Windows Hello for Business provides robust security features, such as device attestation and certificate-based authentication, making it suitable for enterprise environments seeking to enhance security and compliance. See also our blog post on Microsoft Entra passkeys.

Share this article

LinkedInTwitterFacebook

Enjoyed this read?

🤝 Join our Passkeys Community

Share passkeys implementation tips and get support to free the world from passwords.

Join for free

🚀 Subscribe to Substack

Get the latest news, strategies, and insights about passkeys sent straight to your inbox.

Subscribe for free

We provide UI components, SDKs and guides to help you add passkeys to your app in <1 hour

Start for free

Related Terms

Related Articles

entra-passkeys
Passkeys Reviews

Microsoft Entra Passkeys: Use Passkeys For Employees

Vincent - January 18, 2024

passkeys-windows-11
Passkeys Strategy

Windows 11 Passkey (Windows Hello) Features [Oct 2024]

Vincent - September 7, 2023

passkeys-cheat-sheet
Passkeys Implementation

Passkeys Cheat Sheet for Developers

Lukas R. - March 6, 2024

passkey tutorial how to implement passkeys
Passkeys Implementation

Passkey Tutorial: How to Implement Passkeys in Web Apps

Vincent - December 7, 2023