Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Abusing Windows Hello Authentication Without Biometric Data

DEFCONConference via YouTube

Overview

Explore Windows Hello's security vulnerabilities through this DEF CON 32 conference talk that examines Microsoft's modern authentication scheme. Dive deep into the mechanics of Windows Hello to understand how attackers can potentially bypass biometric authentication on compromised Windows systems without requiring actual biometric data. Learn about a newly released tool that demonstrates these vulnerabilities, including methods to defeat hardware protections and steal Primary Refresh Tokens. Discover how these exploits can enable identity persistence, sometimes achievable without administrator privileges, raising important considerations for the growing passwordless authentication landscape.

Syllabus

DEF CON 32 - Abusing Windows Hello Without a Severed Hand - Ceri Coburn, Dirk jan Mollema

Taught by

DEFCONConference

Reviews

Start your review of Abusing Windows Hello Authentication Without Biometric Data

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.