Passwordless / Passkeys support has been added for authentication using the FIDO2 standard; this can be done on a per-user basis and must be carried out by the user. Our implementation leaves the user options open regarding how they enrol in passwordless.
  • The feature is controlled by the user and activated only by them through editing their user profile.
  • Once activated, the password will be removed from the system.
  • To sign in, the user enters their email address. They will then be prompted to authenticate using the method created, i.e., face scan, touch, or PIN. At present, as users can choose whether to lock their account to a specific device or use a cross-device credential, the only limiting factor is the options the device supports.

It can be turned off by using "Recover My Account" on the login page.
This will allow the user to create a password to sign in using the traditional method.



Where is Windows Hello biometrics data stored?

When you enrol in Windows Hello, an enrollment profile is created that represents your face. More information can be found on Windows Hello face authentication. This enrollment profile biometrics data is device-specific, is stored locally on the device, and does not leave the device or roam with the user. Some external fingerprint sensors store biometric data on the fingerprint module itself rather than on a Windows device. Even in this case, the biometrics data is stored locally on those modules, is device-specific, doesn't roam, never leaves the module, and is never sent to Microsoft Cloud or an external server.


Who has access to Windows Hello biometrics data?

Since Windows Hello biometrics data is stored in an encrypted format, no user or any process other than Windows Hello has access to it.


Where is Touch ID data stored? Secure Enclave
The chip in your device includes an advanced security architecture called the Secure Enclave, which was developed to protect your passcode and fingerprint data. Touch ID doesn't store any images of your fingerprint and instead relies only on a mathematical representation. It isn't possible for someone to reverse engineer your actual fingerprint image from this stored data.
 Your fingerprint data is encrypted, stored on the device, and protected with a key available only to the Secure Enclave. Your fingerprint data is used only by the Secure Enclave to verify that your fingerprint matches the enrolled fingerprint data. The OS can’t access it on your device or by any applications running on it. It's never stored on Apple servers, it's never backed up to iCloud or anywhere else, and it can't be used to match against other fingerprint databases.


Contact Support

E:  support@timetabling.com.au
W: www.timetabling.com.au/support
P: +61 3 5228 3700 9 am to 5 pm, local time, Melbourne, Australia