{"id":75106,"date":"2023-06-05T13:10:27","date_gmt":"2023-06-05T17:10:27","guid":{"rendered":"https:\/\/jumpcloud.com\/?post_type=support&#038;p=75106"},"modified":"2023-08-30T11:42:31","modified_gmt":"2023-08-30T15:42:31","slug":"manage-windows-biometrics-using-a-policy","status":"publish","type":"support","link":"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy","title":{"rendered":"Manage Windows Biometrics Using a Policy"},"content":{"rendered":"\n<p>Biometrics refers to the unique characteristics that can be used for identification. This includes physical traits (such as fingerprints) and behavioral traits (such as typing rhythm). Biometric information is increasingly replacing passwords to identify and verify users.<\/p>\n\n\n\n<p>Windows provides a biometric authentication service called&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/use-windows-hello-with-jumpcloud\" target=\"_blank\" rel=\"noreferrer noopener\">Windows Hello<\/a>&nbsp;that helps strengthen authentication and guard against potential spoofing through fingerprint matching and facial recognition. JumpCloud&#8217;s policy framework lets you remotely allow or restrict users from logging in to a managed device using biometrics. You can apply the policy to one managed Windows device or the entire fleet in your organization. See&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/get-started-policies\" target=\"_blank\" rel=\"noreferrer noopener\">Get Started: Policies<\/a>.<\/p>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card warning\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/warning-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Warning:<\/strong> \n<p>If you enable\u00a0<strong>Multi-Factor Authentication (MFA)<\/strong>\u00a0on a Windows device in JumpCloud, then biometrics cannot be used as the primary authentication method for device login. However, Windows Hello can be used as an authentication method during an active user session.<\/p>\n\n\n\n<ul>\n<li>If you clear&nbsp;<strong>Allow The Use Of Biometrics<\/strong>, devices&nbsp;where you apply this policy can\u2019t use the Windows Biometrics Services that Windows Hello relies on. In this case, the device notifies users that&nbsp;<em>Windows Hello isn\u2019t available on this device<\/em>.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>If you select&nbsp;<strong>Allow The Use Of Biometrics<\/strong>&nbsp;and the device supports Windows Hello, users can set up Windows Hello:\n<ul>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4028017\/windows-learn-about-windows-hello-and-set-it-up\" target=\"_blank\" rel=\"noreferrer noopener\">Learn about Windows Hello<\/a>.<\/li>\n\n\n\n<li>If Windows Hello is enabled, users may be required to set and use a pin.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n <\/div><\/div><\/div><\/div>\n\n\n\n<p><strong>Considerations:<\/strong><\/p>\n\n\n\n<ul>\n<li>Consistently apply all Windows system updates.<\/li>\n\n\n\n<li>JumpCloud doesn\u2019t support Microsoft accounts. They shouldn\u2019t be enabled or locally tied to JumpCloud accounts.<\/li>\n<\/ul>\n\n\n\n<p><strong>To create a policy to allow biometrics<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Log in to the JumpCloud&nbsp;<strong>Admin Portal<\/strong>:&nbsp;<a target=\"_blank\" href=\"https:\/\/console.jumpcloud.com\/login\" rel=\"noreferrer noopener\">https:\/\/console.jumpcloud.com\/login<\/a>.<\/li>\n\n\n\n<li>Go to&nbsp;<strong>DEVICE MANAGEMENT &gt; Policy Management<\/strong>.<\/li>\n\n\n\n<li>Click&nbsp;<strong>(+).<\/strong><\/li>\n\n\n\n<li>On the&nbsp;<strong>New Policy&nbsp;<\/strong>screen, select the&nbsp;<strong>Windows<\/strong>&nbsp;tab.<\/li>\n\n\n\n<li>Locate the&nbsp;<strong>Allow the Use of Biometrics policy<\/strong>, then click&nbsp;<strong>configure<\/strong>.<\/li>\n\n\n\n<li>(Optional) Enter a new name for the policy, or keep the default. Policy names must be unique.<\/li>\n\n\n\n<li>Under&nbsp;<strong>Settings<\/strong>, select&nbsp;<strong>Allow The Use of Biometrics<\/strong>&nbsp;to enable biometrics.<br><img decoding=\"async\" width=\"791\" height=\"584\" class=\"wp-image-84288\" style=\"width: 791px\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/console_win_biometrics_policy.png\" alt=\"\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/console_win_biometrics_policy.png 791w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/console_win_biometrics_policy-300x221.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/console_win_biometrics_policy-768x567.png 768w\" sizes=\"(max-width: 791px) 100vw, 791px\" \/><\/li>\n\n\n\n<li>(Optional) Select the&nbsp;<strong>Device Groups<\/strong>&nbsp;tab, then select&nbsp;one or more device groups where you&#8217;ll apply this policy. For device groups with multiple OS member types, the policy is applied only to the supported OS.<\/li>\n\n\n\n<li>(Optional) Select the&nbsp;<strong>Devices<\/strong>&nbsp;tab, then select one or more devices where you&#8217;ll&nbsp;apply this policy.<\/li>\n\n\n\n<li>Click&nbsp;<strong>save<\/strong>.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Biometrics refers to the unique characteristics that can be used for identification. This includes physical traits (such as fingerprints) and [&hellip;]<\/p>\n","protected":false},"author":203,"featured_media":0,"template":"","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"support_category":[2852,2862,2924],"support_tag":[],"coauthors":[2837,3011],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Manage Windows Biometrics Using a Policy - JumpCloud<\/title>\n<meta name=\"description\" content=\"Discover how to set up a policy that enables management of Windows biometrics. Review considerations, warnings, and the tutorial for help.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Manage Windows Biometrics Using a Policy\" \/>\n<meta property=\"og:description\" content=\"Discover how to set up a policy that enables management of Windows biometrics. Review considerations, warnings, and the tutorial for help.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-30T15:42:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/console_win_biometrics_policy.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"derekpietras, nickconrad\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy\",\"url\":\"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy\",\"name\":\"Manage Windows Biometrics Using a Policy - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/console_win_biometrics_policy.png\",\"datePublished\":\"2023-06-05T17:10:27+00:00\",\"dateModified\":\"2023-08-30T15:42:31+00:00\",\"description\":\"Discover how to set up a policy that enables management of Windows biometrics. Review considerations, warnings, and the tutorial for help.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/console_win_biometrics_policy.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/console_win_biometrics_policy.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Support\",\"item\":\"https:\/\/jumpcloud.com\/support\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Manage Windows Biometrics Using a Policy\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Manage Windows Biometrics Using a Policy - JumpCloud","description":"Discover how to set up a policy that enables management of Windows biometrics. Review considerations, warnings, and the tutorial for help.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy","og_locale":"en_US","og_type":"article","og_title":"Manage Windows Biometrics Using a Policy","og_description":"Discover how to set up a policy that enables management of Windows biometrics. Review considerations, warnings, and the tutorial for help.","og_url":"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy","og_site_name":"JumpCloud","article_modified_time":"2023-08-30T15:42:31+00:00","og_image":[{"url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/console_win_biometrics_policy.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"2 minutes","Written by":"derekpietras, nickconrad"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy","url":"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy","name":"Manage Windows Biometrics Using a Policy - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/console_win_biometrics_policy.png","datePublished":"2023-06-05T17:10:27+00:00","dateModified":"2023-08-30T15:42:31+00:00","description":"Discover how to set up a policy that enables management of Windows biometrics. Review considerations, warnings, and the tutorial for help.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy#primaryimage","url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/console_win_biometrics_policy.png","contentUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/console_win_biometrics_policy.png"},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/support\/manage-windows-biometrics-using-a-policy#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Support","item":"https:\/\/jumpcloud.com\/support"},{"@type":"ListItem","position":3,"name":"Manage Windows Biometrics Using a Policy"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/75106"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/support"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/203"}],"version-history":[{"count":2,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/75106\/revisions"}],"predecessor-version":[{"id":96789,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/75106\/revisions\/96789"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=75106"}],"wp:term":[{"taxonomy":"support_category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_category?post=75106"},{"taxonomy":"support_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_tag?post=75106"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=75106"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}