question

NielsTech-5343 avatar image
0 Votes"
NielsTech-5343 asked FanFan-MSFT commented

Windows Hello for Business: Internet connectivity required?

We currently implementing a modern workplace solution with Windows 10 for a customer. We have Windows 10 user-based devices that are Azure AD joined and managed by Intune. Instead of logging on to the Windows 10 device with an Azure password we would prefer to use Windows Hello for business for device authentication (pincode + fingerprint). For the initial configuration of Windows Hello for Business we need an internet connection.
My question is, how often a internet connection is needed after the initial configuration to make sure Windows Hello for Business keeps working?
When I disconnect my internet connection I can still use Windows Hello for Business to logon to the Windows 10 device. Will this always work without an internet connection? Or do we need to connect to the internet once in while to make sure this will continue to work.
On the Microsoft documentation I found the following documentation about the sign-in process (https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-passwordless). I cannot find the answer here to my question. Can someone provide the answer and if possible provide a URL to documentation?

Thank you in advance!

windows-10-security
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

KapilArya avatar image
0 Votes"
KapilArya answered

Hello,

IMO, if you configure some of Windows Hello for Business settings, for example, PIN Reset, it may require to have Internet at client's end to make use of the setting.

Regards.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

NielsTech-5343 avatar image
0 Votes"
NielsTech-5343 answered FanFan-MSFT commented

I understand that with a initial configuration or change in configuration (PIN reset) a internet connection is required. My question is; do we need a internet connection periodically to make sure the authentication keeps working. If yes, how often?

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi,
Based on my research, the biometric data used to support Windows Hello is stored on the local device only. It doesn't roam and is never sent to external devices or servers.
I don't think it need the internet connection all the time.
But not sure for internet connection periodically to update the pin, i would suggest you ask advice from the AZURE AD.
Best Regards,

0 Votes 0 ·