Research Article
Security Analysis and Bypass User Authentication Bound to Device of Windows Hello in the Wild
Figure 3
Detailed protocol flow: provisioning a Windows device and a Microsoft account. When a user creates a local account in a Windows device and logs in with the Microsoft account, the Microsoft server issues encrypted tokens to identify the device and the account.