This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 33%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKJ%3C/text%3E%3C/svg%3E)
Windows Hello simply stores the authentication digest in the TPM device and uses biometric authentication to retrieve it,and the actual authentication protocol exchanges the authentication digest.
Can authentication can be stolen by various means such as eavesdropping?
Kim, all your queries are answered in the FAQ section of WHFB section. https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-faq
Please don't forget to upvote and Accept as answer if the reply is helpful