Security and Communication Networks

Research Article

Security Analysis and Bypass User Authentication Bound to Device of Windows Hello in the Wild

Table 2

Storage of authentication data for Windows Hello.
DataPath
Private keys%SystemRoot%\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Crypto\Keys
Key metadata%SystemRoot%\ServiceProfiles\LocalService\AppData\Local\Microsoft\Ngc
EncPwd\HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\NgcPin\Credentials\EncryptedPassword
CacheData%SystemRoot%\System32\config\systemprofile\AppData\Local\Microsoft\Windows\CloudAPCache\MicrosoftAccount
Credentials%LOCALAPPDATA%\Microsoft\Credentials