Login on-Prem Windows

overview

WBF stands for Windows Biometric Framework. We implement this protocol to our BioPass FIDO2 Pro security key. By using it, users are now able to use the product to login on-Prem Windows.

For more information regariding this protocol, please refer to: https://learn.microsoft.com/en-us/windows/win32/secbiomet/biometric-framework-overview.

Get yourself ready

  • FEITIAN BioPass FIDO Pro security key.
  • An on-Prem Windows deveice, that not AAD nor Hybrid AD joined. Support Windows 7,8,10, and 11.
  • Download the related WBF driver , install the driver and reboot our Windows.
  • Hash for this driver: 6b12f47bd1ff2d77cd8e0627b230544c87dcd14b.

Check if the driver is installed properly

Insert BioPass FIDO Pro security key and go to Device Manager and see if below highlight driver is showing installed properly.

Configure Windows Hello Fingerprint

Go to Windows Settings/Accounts/Sign-in options, click Windows Hello Fingerprint. Please note, Windows may require user to set a Windows Hello PIN before using fingerprint.

Set up your fngerprint
  • Click ‘Set up’ and ‘Get started’ buttons.
  • Input your Windows Hello PIN

  • Touch the fingerprint sensor on BioPass FIDO2 Pro security key. please note at this moment, the LED on the security key solid on, not blinks.

Enrollment Option 1 (if you haven’t set up FIDO PIN and fingerprint or just set FIDO PIN previously)
  • Set a PIN for FIDO. As our security key support both FIDO and WBF, so to manage fingerprint, FIDO PIN has to be set if there is none. Please note, this PIN is for the FIDO of the seurity key, not Windows PIN, but you are allowed to set the same.

  • If user have FIDO PIN set, but not enrolled any fingerprint, it will ask user to input the FIDO PIN.

  • After you set a FIDO PIN, click ‘OK’ button, the LED on the key blinks, users are required to touch on the sensor of the key. And repeatly lift and touch the fingerprint sensor for 5 times until an ‘All set’ windows pops up.

                               

                                                              

Enrollment Option 2 (if you have set up both FIDO PIN and fingerprint)
  • It will ask user to input the FIDO PIN. Input FIDO PIN, and click OK.

  • Touch the fingerprint sensor on the FIDO security key.

  • ‘All set’ windows pops up.

Now you are registered the security key to your Windows Hello fingerprint, and able to use it to login Windows