Manage Windows Biometrics Using a Policy

Biometrics refers to the unique characteristics that can be used for identification. This includes physical traits (such as fingerprints) and behavioral traits (such as typing rhythm). Biometric information is increasingly replacing passwords to identify and verify users.

Windows provides a biometric authentication service called Windows Hello that helps strengthen authentication and guard against potential spoofing through fingerprint matching and facial recognition. JumpCloud's policy framework lets you remotely allow or restrict users from logging in to a managed device using biometrics. You can apply the policy to one managed Windows device or the entire fleet in your organization. See Get Started: Policies.

Considerations:

• Consistently apply all Windows system updates.
• JumpCloud doesn’t support Microsoft accounts. They shouldn’t be enabled or locally tied to JumpCloud accounts.

To create a policy to allow biometrics:

1. Log in to the JumpCloud Admin Portal: https://console.jumpcloud.com/login.
2. Go to DEVICE MANAGEMENT > Policy Management.
3. Click (+).
4. On the New Policy screen, select the Windows tab.
5. Locate the Allow the Use of Biometrics policy, then click configure.
6. (Optional) Enter a new name for the policy, or keep the default. Policy names must be unique.
7. Under Settings, select Allow The Use of Biometrics to enable biometrics.
   
8. (Optional) Select the Device Groups tab, then select one or more device groups where you’ll apply this policy. For device groups with multiple OS member types, the policy is applied only to the supported OS.
9. (Optional) Select the Devices tab, then select one or more devices where you’ll apply this policy.
10. Click save.