![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 31%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,457 questions
Hi Testuser,
With Windows Hello for Business, the PIN is user-provided entropy used to load the private key in the Trusted Platform Module (TPM).The user must provide the entropy, the TPM-protected key, and the TPM that generated that key in order to successfully access the private key.
This enrollment profile biometrics data is device specific, is stored locally on the device, and does not leave the device or roam with the user. Some external fingerprint sensors store biometric data on the fingerprint module itself rather than on Windows device.
Also check this requirements for WHFB - windows-hello-biometric-requirements
==
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.