Windows Hello for Business is awesome technology, that allows for multi-factor authenticated sign-in on Windows 10 devices.
About Windows Hello for Business
In Windows 10, Windows Hello for Business replaces passwords with strong two-factor authentication on PCs and mobile devices. This authentication consists of a new type of user credential that is tied to a device and uses a biometric or PIN.
Windows Hello addresses the following problems with passwords:
- Strong passwords can be difficult to remember, and users often reuse passwords on multiple sites.
- Server breaches can expose symmetric network credentials (passwords).
- Passwords are subject to replay attacks.
- Users can inadvertently expose their passwords due to phishing attacks.
There are five deployment types for Windows Hello for Business. Microsoft has described them in detail in the Windows Hello for Business Deployment Guide.
However, one of the pieces of documentation that I feel is missing from the deployment guide is an overview of the requirements per Windows Hello for Business deployment type.
The below table shows the requirements per Windows Hello for Business Deployment Type: