Explore a 33-minute Black Hat conference talk that delves into the vulnerabilities of Windows Hello, the popular password-less authentication solution. Learn about research conducted on attacking the face recognition mechanism and discover how attackers can potentially bypass Windows Hello using an external crafted USB device. Gain insights into the security implications of this widely-used authentication method, comparing its convenience to traditional password techniques. Follow along as the speaker, Omer Tsarfati, introduces the research, demonstrates the solution, explains data capture methods, and provides a live demo. Conclude with a discussion on future implications and potential next steps in addressing these security concerns.
Overview
Syllabus
Introduction
Passwordless
Windows Hello
Research
Solution
Capture Data
Demo
Whats next
Taught by
Black Hat
Related Courses
-
Exploiting Windows Hello for Business
-
Abusing Windows Hello Authentication Without Biometric Data
-
Biometric Authentication Under Threat - Liveness Detection Hacking
-
Windows Hello for Business Security Analysis and Authentication Protocol Deep Dive - Lecture 10
-
Windows Hello from the Other Side
-
Bypassing Local Windows Authentication to Defeat Full Disk Encryption
